-rw-r--r--templates/wg.conf.j2 (renamed from templates/wg.netdev.j2)11
-rw-r--r--templates/wg.network.j25
-rw-r--r--wireguard.yml54
3 files changed, 36 insertions, 34 deletions
diff --git a/templates/wg.netdev.j2 b/templates/wg.conf.j2
index 5d0bf5f..6a62c7f 100644
--- a/templates/wg.netdev.j2
+++ b/templates/wg.conf.j2
@@ -1,21 +1,16 @@
-[NetDev]
-Name = wg0
-Kind = wireguard
-Description = Wireguard
-
#tamriel 10.0.27.1
-[WireGuard]
+[Interface]
ListenPort = 48574
PrivateKey = {{ wireguard_private_key }}
# balmora 10.0.27.2
-[WireGuardPeer]
+[Peer]
PublicKey = 6dbkVQAQPkbk0+wt6f+wge5cPW6THe0Kua830jio528=
AllowedIPs = 10.0.27.2/32
PersistentKeepalive = 20
# motorola g6 10.0.27.3
-[WireGuardPeer]
+[Peer]
PublicKey = pqSY7SCKuRkHBTMWVhYAASrx/A1HF8Nlb3emnO8WqAc=
AllowedIPs = 10.0.27.3/32
PersistentKeepalive = 20
diff --git a/templates/wg.network.j2 b/templates/wg.network.j2
deleted file mode 100644
index 31fef48..0000000
--- a/templates/wg.network.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-[Match]
-Name = wg0
-
-[Network]
-Address = 10.0.27.1/24
diff --git a/wireguard.yml b/wireguard.yml
index be40d5b..db1278c 100644
--- a/wireguard.yml
+++ b/wireguard.yml
@@ -20,33 +20,45 @@
value: "1"
state: present
- - name: Enable systemd-networkd
- systemd:
- enabled: true
- state: started
- name: systemd-networkd
- name: Generate wireguard config
template:
- src: templates/wg.netdev.j2
- dest: /etc/systemd/network/30-wg0.netdev
- owner: root
- group: systemd-network
- mode: "640"
- - name: Generate networkd config
- template:
- src: templates/wg.network.j2
- dest: /etc/systemd/network/30-wg0.network
+ src: templates/wg.conf.j2
+ dest: /etc/wireguard/wg0.conf
- - name: Remove interface #systemd-networkd doesn't reload netdev
- shell: ip link del dev wg0 || true
+ - lineinfile:
+ dest: /etc/network/interfaces
+ state: present
+ insertafter: "^source /etc/network/interfaces.d/*"
+ line: auto wg0
+ - lineinfile:
+ dest: /etc/network/interfaces
+ state: present
+ insertafter: "^auto wg0"
+ line: iface wg0 inet static
- - name: Restart systemd-networkd
- systemd:
- state: restarted
- name: systemd-networkd
-
+ - interfaces_file:
+ iface: wg0
+ option: address
+ value: 10.0.27.1
+ - interfaces_file:
+ iface: wg0
+ option: netmask
+ value: 255.255.255.0
+ - interfaces_file:
+ iface: wg0
+ option: pre-up
+ value: ip link add $IFACE type wireguard
+ - interfaces_file:
+ iface: wg0
+ option: pre-up
+ value: wg setconf $IFACE /etc/wireguard/$IFACE.conf
+ - interfaces_file:
+ iface: wg0
+ option: post-down
+ value: ip link del $IFACE
+
- iptables:
chain: INPUT
match: conntrack
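Review bot: The rewritten "Generate wireguard config" task writes `/etc/wireguard/wg0.conf` without the `owner`, `group` and `mode` arguments that the removed version set, yet the wg.conf.j2 template in this same commit renders `PrivateKey = {{ wireguard_private_key }}` into that file. With no explicit mode, a newly created file gets whatever the remote umask allows, which on a typical host leaves the private key readable by every local user. Add `owner: root`, `group: root` and `mode: "0600"` under `template:`; setting the mode also tightens a file that an earlier run already created with loose permissions. Separately, the new `lineinfile` and `interfaces_file` tasks carry no `name:`, so a short name on each (for example `name: Set wg0 address`) would keep the play output readable.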