2017-09-05 12:01:27 +02:00
|
|
|
#
|
|
|
|
# {{ ansible_managed }}
|
|
|
|
#
|
2018-11-07 15:20:18 +01:00
|
|
|
{% if debug_fastd %}
|
|
|
|
log level debug;
|
|
|
|
{% else %}
|
2017-09-05 12:01:27 +02:00
|
|
|
log level warn;
|
2018-11-07 15:20:18 +01:00
|
|
|
{% endif %}
|
2017-09-05 12:01:27 +02:00
|
|
|
hide ip addresses yes;
|
|
|
|
hide mac addresses yes;
|
|
|
|
|
|
|
|
method "salsa2012+umac";
|
|
|
|
|
2017-11-06 21:24:56 +01:00
|
|
|
interface "{{ item.0.id }}vpn-{{ item.1.mtu }}";
|
2017-09-05 12:01:27 +02:00
|
|
|
|
2017-10-07 00:57:35 +02:00
|
|
|
bind {{ ansible_default_ipv4.address | ipaddr('public') }}:10{{ item.1.id }}{{ item.0.site_number }};
|
|
|
|
bind {{ ansible_default_ipv6.address | ipaddr('public') | ipwrap }}:10{{ item.1.id }}{{ item.0.site_number }};
|
2017-09-05 12:01:27 +02:00
|
|
|
|
|
|
|
include "secret.conf";
|
2017-10-07 00:57:35 +02:00
|
|
|
mtu {{ item.1.mtu }};
|
2017-09-05 12:01:27 +02:00
|
|
|
|
|
|
|
peer group "vpn_nodes" {
|
2017-10-06 10:33:38 +02:00
|
|
|
include "peer_limit.conf";
|
2017-09-05 12:01:27 +02:00
|
|
|
include peers from "peers";
|
2017-10-07 00:57:35 +02:00
|
|
|
{% if item.0.id == "mz" %}
|
2017-09-05 12:01:27 +02:00
|
|
|
include peers from "peers_bingen";
|
|
|
|
{% endif %}
|
|
|
|
}
|
|
|
|
|
2017-11-12 15:08:41 +01:00
|
|
|
on up "/bin/systemctl reload networking";
|
|
|
|
|
2017-11-06 21:24:56 +01:00
|
|
|
status socket "/var/run/fastd-{{ item.0.id }}vpn-{{ item.1.mtu }}.status";
|