changeset 76:de387eae06cf
still trying to sequence dhcp->wireguard->dns startup
author | drewp@bigasterisk.com |
---|---|
date | Sat, 11 Jun 2022 22:58:35 -0700 |
parents | 41008d412ec8 |
children | 996f39b03494 |
files | templates/kube/config.yaml.j2 templates/wireguard/wg.service.j2 wireguard.py |
diffstat | 3 files changed, 44 insertions(+), 3 deletions(-) [+] |
--- a/templates/kube/config.yaml.j2 Sat Jun 11 22:58:05 2022 -0700 +++ b/templates/kube/config.yaml.j2 Sat Jun 11 22:58:35 2022 -0700 @@ -1,6 +1,8 @@ debug: true write-kubeconfig-mode: '640' -bind-address: {{ master_ip }} +bind-address: 0.0.0.0 +http-listen-port: 6443 +#{{ master_ip }} node-ip: {{ wg_ip }} disable:
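Review bot: `bind-address: 0.0.0.0` makes the server listen on every interface of the host instead of only `{{ master_ip }}`, so port 6443 becomes reachable from any attached network unless a firewall blocks it. If the aim is only to avoid depending on an address that is not up yet at boot, a narrower listener such as `bind-address: {{ wg_ip }}` (already used for `node-ip`) would keep the exposure small; otherwise add a comment naming the firewall rule that restricts 6443. The added `http-listen-port: 6443` should be checked against the option list, assuming this is a k3s config: the API port option I know of is `https-listen-port`, which already defaults to 6443. The leftover `#{{ master_ip }}` line is still rendered by Jinja into the output file, so either drop it or say why it is kept.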
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/templates/wireguard/wg.service.j2 Sat Jun 11 22:58:35 2022 -0700
@@ -0,0 +1,33 @@
+# written by pyinfra
+
+[Unit]
+Description=WireGuard via wg-quick(8) for {{wireguard_interface}}
+After=network-online.target nss-lookup.target
+Wants=network-online.target nss-lookup.target
+PartOf=wg-quick.target
+Documentation=man:wg-quick(8)
+Documentation=man:wg(8)
+Documentation=https://www.wireguard.com/
+Documentation=https://www.wireguard.com/quickstart/
+Documentation=https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
+Documentation=https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
+
+{% if host.name == 'bang' and wireguard_interface == 'wg0' %}
+# startup order has to be like this:
+# dnsmasq_10.2
+# wg-quick@wg0.service
+# dnsmasq_10.5
+
+Requires=dnsmasq_10.2.service
+{% endif %}
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/bin/wg-quick up {{wireguard_interface}}
+ExecStop=/usr/bin/wg-quick down {{wireguard_interface}}
+ExecReload=/bin/bash -c 'exec /usr/bin/wg syncconf {{wireguard_interface}} <(exec /usr/bin/wg-quick strip {{wireguard_interface}})'
+Environment=WG_ENDPOINT_RESOLUTION_RETRIES=infinity
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
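Review bot: `Requires=dnsmasq_10.2.service` does not order the two units, because systemd starts a required unit in parallel unless an `After=` is also given, so the sequence described in the comment above it is not enforced. Adding `After=dnsmasq_10.2.service` next to the `Requires=` line, inside the same `{% if %}` block, would express the intended order. Separately, this file replaces the packaged `wg-quick@.service` wholesale for the instance, so later packaging changes to that unit will not be picked up. A drop-in holding only the extra `[Unit]` lines would keep the local copy small.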
--- a/wireguard.py Sat Jun 11 22:58:05 2022 -0700 +++ b/wireguard.py Sat Jun 11 22:58:35 2022 -0700 @@ -2,7 +2,7 @@ from pyinfra import host from pyinfra.facts.files import FindInFile -from pyinfra.operations import apt, files, systemd +from pyinfra.operations import apt, files, server, systemd # other options: # https://www.reddit.com/r/WireGuard/comments/fkr240/shortest_path_between_peers/ @@ -54,7 +54,13 @@ peer_block=peer_block, ) svc = f'wg-quick@{wireguard_interface}.service' - files.link(path=f'/etc/systemd/system/multi-user.target.wants/{svc}', target='/lib/systemd/system/wg-quick@.service') + + files.template(src='templates/wireguard/wg.service.j2', + dest=f'/etc/systemd/system/{svc}', + wireguard_interface=wireguard_interface) + systemd.service(service=f'{svc}', enabled=True, restarted=True, daemon_reload=True) + + # files.link(path=f'/etc/systemd/system/multi-user.target.wants/{svc}', target='/lib/systemd/system/wg-quick@.service') systemd.service(service=svc, daemon_reload=True, restarted=True, enabled=True)
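Review bot: The second hunk now restarts the same unit twice per deploy: the added `systemd.service(service=f'{svc}', ..., restarted=True, ...)` is followed by the unchanged `systemd.service(service=svc, ..., restarted=True, ...)` on the last line, so the tunnel goes down and up two times. One of the two calls can be dropped, and `f'{svc}'` is just `svc`. The unit file is written without explicit ownership or permissions; passing `user='root', group='root', mode='644'` to `files.template` would make the result independent of the deploying account's defaults. The commented-out `files.link` line can be deleted rather than kept, and the `server` import added in the first hunk is not used in either visible hunk. The enclosing function starts and ends outside the hunk.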