Role service-bird-lg: update lgproxy.cfg for new p2p vpn links

2019-03-19 17:03:02 +01:00 · 2019-03-19 17:03:02 +01:00 · 2ca3fdd43e
commit 2ca3fdd43e
parent e4e8c0998f
2 changed files with 13 additions and 6 deletions
--- a/roles/service-bird-lg/meta/main.yml
+++ b/roles/service-bird-lg/meta/main.yml
@ -1,4 +1,5 @@
 ---
 dependencies:
+  - { role: wireguard }
  - { role: service-bird }
  - { role: service-nginx }
--- a/roles/service-bird-lg/templates/lgproxy.cfg.j2
+++ b/roles/service-bird-lg/templates/lgproxy.cfg.j2
@ -3,14 +3,20 @@ DEBUG=False
 LOG_FILE="/var/log/bird-lg/lg-proxy.log"
 LOG_LEVEL="WARNING"

-BIND_IP = "{{ loopback_net_ipv4 | ipsubnet(32, magic) | ipaddr('address') }}"
+BIND_IP = "{{ loopback_net_ipv4 | ipaddr(magic) | ipaddr('address') }}"
 BIND_PORT = 5000

-ACCESS_LIST = [ {% for host in groups["ffmwu-monitoring"] %}"{{ loopback_net_ipv4 | ipsubnet(32, hostvars[host]['magic']) | ipaddr('address') }}"{% if not loop.last %}, {% endif %}{% endfor %} ]
-
-# ???
-IPV4_SOURCE = "10.207.0.37"
-IPV6_SOURCE = "fec0::a:cf:0:25"
+ACCESS_LIST = [
+{% for network in my_wireguard_networks %}
+{% if network.remote_hostname in groups["ffmwu-monitoring"] %}
+{% if magic > network.remote_magic %}
+   "{{ network.ipv4 | ipaddr(0) | ipaddr('address') }}",
+{% else %}
+   "{{ network.ipv4 | ipaddr(1) | ipaddr('address') }}",
+{% endif %}
+{% endif %}
+{% endfor %}
+]

 BIRD_SOCKET="/var/run/bird/bird.ctl"
 BIRD6_SOCKET="/var/run/bird/bird6.ctl"