Role service-yanic: use wireguard interfaces for respondd on servers

2019-05-04 19:53:34 +02:00 · 2019-05-04 19:53:34 +02:00 · 3c010e2c5f
parent e17f378f0b
commit 3c010e2c5f
3 changed files with 20 additions and 4 deletions
--- a/roles/service-yanic/meta/main.yml
+++ b/roles/service-yanic/meta/main.yml
@ -1,3 +1,4 @@
 ---
 dependencies:
-#  - { role: golang }
+  - { role: golang }
+  - { role: wireguard }
--- a/roles/service-yanic/templates/respondd.conf.j2
+++ b/roles/service-yanic/templates/respondd.conf.j2
@ -1,11 +1,18 @@
 data_interval = "1m"

-batman = [ {% for mesh in meshes %}"{{mesh.id}}bat"{% if not loop.last %}, {% endif %}{% endfor %}]
+batman = [ {% for mesh in meshes %}"{{mesh.id}}bat"{% if not loop.last %}, {% endif %}{% endfor %} ]

+{% if server_type == 'monitoring' %}
 [[listen]]
-address   = "ff05::2:1001"
-interface = "dom0br"
+address   = "ff02::2:1001"
+interface = "loopback"
 port      = 1001
+{% else %}
+[[listen]]
+address   = "ff02::2:1001"
+interface = "wg-suesskartof"
+port      = 1001
+{% endif%}
 {% for mesh in meshes %}
 {% if server_type == 'gateway' %}
 {% for instance in mesh.fastd.nodes.instances %}
--- a/roles/service-yanic/templates/yanic.conf.j2
+++ b/roles/service-yanic/templates/yanic.conf.j2
@ -22,6 +22,14 @@ domains = [
 {% endfor %}
 ]

+[[respondd.interfaces]]
+ifname = "loopback"
+multicast_address = "ff02::2:1001"
+{% for network in my_wireguard_networks %}
+[[respondd.interfaces]]
+ifname = "wg-{{ network.remote[:11] }}"
+multicast_address = "ff02::2:1001"
+{% endfor %}
 {% for mesh in meshes %}
 [[respondd.interfaces]]
 ifname = "{{mesh.id}}br"