63ca114c95
- migrate dictionary `ipv6` into two simple lists - migrate dictionary `forward_zones` into a list
45 lines
1 KiB
Django/Jinja
45 lines
1 KiB
Django/Jinja
{% set ip4hex = item.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%}
|
|
{% set mac = '0211' + ip4hex -%}
|
|
#
|
|
# {{ ansible_managed }}
|
|
#
|
|
log level warn;
|
|
hide ip addresses yes;
|
|
hide mac addresses yes;
|
|
|
|
method "salsa2012+umac";
|
|
|
|
interface "{{ item.id }}VPN";
|
|
|
|
bind {{ ansible_default_ipv4.address | ipaddr('public') }}:100{{ item.site_number }};
|
|
bind {{ ansible_default_ipv6.address | ipaddr('public') | ipwrap }}:100{{ item.site_number }};
|
|
|
|
include "secret.conf";
|
|
mtu 1406;
|
|
|
|
peer group "vpn_nodes" {
|
|
include "peer_limit.conf";
|
|
include peers from "peers";
|
|
{% if item.id == "mz" %}
|
|
include peers from "peers_bingen";
|
|
{% endif %}
|
|
}
|
|
|
|
peer group "servers" {
|
|
include peers from "peers/servers";
|
|
}
|
|
|
|
on up "
|
|
ip link set $INTERFACE down
|
|
ip link set address {{ mac | hwaddr('linux') }} dev $INTERFACE
|
|
ip link set $INTERFACE up
|
|
|
|
batctl -m {{ item.id }}BAT if add $INTERFACE
|
|
";
|
|
|
|
on down "
|
|
batctl -m {{ item.id }}BAT if del $INTERFACE
|
|
";
|
|
|
|
status socket "/var/run/fastd-{{ item.id }}VPN.status";
|