ansible-ffibk/roles/service-fastd-intragate/templates/fastd-intragate.conf.j2

38 lines
1,008 B
Text
Raw Normal View History

{% set ip4hex = item.0.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%}
{% set mac = '0212' + ip4hex -%}
#
# {{ ansible_managed }}
#
log level warn;
hide ip addresses yes;
hide mac addresses yes;
method "aes128-ctr+umac";
interface "{{ item.0.id }}igVPN-{{ item.1.mtu }}";
bind {{ ansible_default_ipv4.address | ipaddr('public') }}:11{{ item.1.id }}{{ item.0.site_number }};
bind {{ ansible_default_ipv6.address | ipaddr('public') | ipwrap }}:11{{ item.1.id }}{{ item.0.site_number }};
include "secret.conf";
mtu {{ item.1.mtu }};
peer group "servers" {
include peers from "peers/gates";
include peers from "peers/services";
}
on up "
ip link set $INTERFACE down
ip link set address {{ mac | hwaddr('linux') }} dev $INTERFACE
ip link set $INTERFACE up
batctl -m {{ item.0.id }}BAT if add $INTERFACE
";
on down "
batctl -m {{ item.0.id }}BAT if del $INTERFACE
";
status socket "/var/run/fastd-{{ item.0.id }}igVPN-{{ item.1.mtu }}.status";