freifunk/ansible-ffibk
9
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
ansible-ffibk/roles/wireguard/templates/wireguard.j2

21 lines
643 B
Plaintext
Raw Normal View History

Introduce p2p vpn link between all ffmwu servers via WireGuard for routing purpose. * add jinja2 extension 'jinja2.ext.do' to ansible.cfg * add host kichererbse.freifunk-mwu.de * add new server_type 'mesh-service' and new host group 'ffmwu-mesh-services' * use new loopback and anycast networks * add role wireguard * add role wireguard as dependency for roles network-routing + service-bird * add playbook 'mesh-services'
2019-03-19 15:23:12 +01:00
#
# {{ ansible_managed }}
#
{% for network in my_wireguard_networks %}
auto wg-{{ network.remote[:11] }}
iface wg-{{ network.remote[:11] }}
Role wireguard: explicitly set ipv6-addrgen to off newer versions of ifupdown2 try to set the addrgen mode for interfaces using inet6 but it seems that wireguard interfaces do not support this. This causes a "ip link set dev <iface> down" command during every execution of ifreload as the default mode eui6 does not mach the mode set on the interface which is none.
2019-03-24 18:57:22 +01:00
ipv6-addrgen off
Introduce p2p vpn link between all ffmwu servers via WireGuard for routing purpose. * add jinja2 extension 'jinja2.ext.do' to ansible.cfg * add host kichererbse.freifunk-mwu.de * add new server_type 'mesh-service' and new host group 'ffmwu-mesh-services' * use new loopback and anycast networks * add role wireguard * add role wireguard as dependency for roles network-routing + service-bird * add playbook 'mesh-services'
2019-03-19 15:23:12 +01:00
{% if magic < network.remote_magic %}
address {{ network.ipv4 | ipaddr('ip/prefix') }}
address {{ network.ipv6 | ipaddr('ip/prefix') }}
{% else %}
address {{ network.ipv4 | ipaddr('1') | ipaddr('ip/prefix') }}
address {{ network.ipv6 | ipaddr('1') | ipaddr('ip/prefix') }}
{% endif %}
pre-up ip link add dev $IFACE type wireguard
pre-up wg setconf $IFACE /etc/wireguard/$IFACE.conf
post-up ip link set up dev $IFACE
post-down ip link del $IFACE
{% endfor %}
Reference in a new issue Copy permalink