diff options
| author | Paweł Dybiec <pdybiec@stud.cs.uni.wroc.pl> | 2019-10-13 02:01:20 +0200 |
|---|---|---|
| committer | Paweł Dybiec <pdybiec@stud.cs.uni.wroc.pl> | 2019-10-13 02:01:20 +0200 |
| commit | c3b30460b49eac11f82acb465e9682a3c308115b (patch) | |
| tree | c34a2d8e7754331598fcc47fdf0e012540f1c6d1 /wireguard.yml | |
| parent | Wireguard configuration (diff) | |
Removed systemd-networkd
Diffstat (limited to 'wireguard.yml')
| -rw-r--r-- | wireguard.yml | 54 |
1 files changed, 33 insertions, 21 deletions
diff --git a/wireguard.yml b/wireguard.yml index be40d5b..db1278c 100644 --- a/wireguard.yml +++ b/wireguard.yml @@ -20,33 +20,45 @@ value: "1" state: present - - name: Enable systemd-networkd - systemd: - enabled: true - state: started - name: systemd-networkd - name: Generate wireguard config template: - src: templates/wg.netdev.j2 - dest: /etc/systemd/network/30-wg0.netdev - owner: root - group: systemd-network - mode: "640" - - name: Generate networkd config - template: - src: templates/wg.network.j2 - dest: /etc/systemd/network/30-wg0.network + src: templates/wg.conf.j2 + dest: /etc/wireguard/wg0.conf - - name: Remove interface #systemd-networkd doesn't reload netdev - shell: ip link del dev wg0 || true + - lineinfile: + dest: /etc/network/interfaces + state: present + insertafter: "^source /etc/network/interfaces.d/*" + line: auto wg0 + - lineinfile: + dest: /etc/network/interfaces + state: present + insertafter: "^auto wg0" + line: iface wg0 inet static - - name: Restart systemd-networkd - systemd: - state: restarted - name: systemd-networkd - + - interfaces_file: + iface: wg0 + option: address + value: 10.0.27.1 + - interfaces_file: + iface: wg0 + option: netmask + value: 255.255.255.0 + - interfaces_file: + iface: wg0 + option: pre-up + value: ip link add $IFACE type wireguard + - interfaces_file: + iface: wg0 + option: pre-up + value: wg setconf $IFACE /etc/wireguard/$IFACE.conf + - interfaces_file: + iface: wg0 + option: post-down + value: ip link del $IFACE + - iptables: chain: INPUT match: conntrack |