Mercurial > code > home > repos > infra
changeset 259:e45e93a797b0
wg updates
| author | drewp@bigasterisk.com |
|---|---|
| date | Fri, 26 Jan 2024 12:55:27 -0800 |
| parents | 66fd20ab0454 |
| children | 277278422949 |
| files | templates/wireguard/wg0.conf.j2 wireguard.py |
| diffstat | 2 files changed, 7 insertions(+), 6 deletions(-) [+] |
line wrap: on
line diff
--- a/templates/wireguard/wg0.conf.j2 Fri Jan 26 12:54:59 2024 -0800 +++ b/templates/wireguard/wg0.conf.j2 Fri Jan 26 12:55:27 2024 -0800 @@ -13,7 +13,6 @@ {{ peer_block('bang', '10.5.0.1/32') }} {{ peer_block('dash', '10.5.0.5/32') }} {{ peer_block('dot', '10.5.0.30/32') }} - {{ peer_block('frontbed', '10.5.0.17/32') }} {{ peer_block('garage', '10.5.0.14/32') }} {{ peer_block('pipe', '10.5.0.3/32') }} {{ peer_block('prime', '10.5.0.0/24', 'public.bigasterisk.com:1195', 50) }} @@ -23,7 +22,8 @@ {{ peer_block('drew-note10', '10.5.0.112/32') }} {{ peer_block('plus', '10.5.0.110/32', 'public.bigasterisk.com:1195') }} {% elif host.name == 'plus' %} - {{ peer_block('ditto', '10.5.0.0/24', 'ditto:1195', 50) }} + {{ peer_block('prime', '10.5.0.0/24', 'public.bigasterisk.com:1195', 50) }} + {# {{ peer_block('ditto', '10.5.0.0/24', 'ditto:1195', 50) }} #} {% else %} {{ peer_block('ditto', '10.5.0.0/24', 'ditto:1195', 50) }} {% endif %}
--- a/wireguard.py Fri Jan 26 12:54:59 2024 -0800 +++ b/wireguard.py Fri Jan 26 12:55:27 2024 -0800 @@ -2,7 +2,8 @@ from pyinfra import host from pyinfra.facts.files import FindInFile -from pyinfra.operations import apt, files, server, systemd +from pyinfra.operations import files, systemd + import wireguard_pubkey # other options: @@ -37,7 +38,9 @@ continue # note- this is specific to the wg0 setup. Other conf files don't use it. - wireguard_ip = host.host_data['wireguard_address'] + wireguard_ip = host.host_data.get('wireguard_address') + if wireguard_interface == 'wg0' and wireguard_ip is None: + continue # new pi may fail with 'Unable to access interface: Protocol not supported'. reboot fixes. @@ -66,8 +69,6 @@ wireguard_interface=wireguard_interface) systemd.service(service=f'{svc}', enabled=True, restarted=True, daemon_reload=True) - # files.link(path=f'/etc/systemd/system/multi-user.target.wants/{svc}', target='/lib/systemd/system/wg-quick@.service') - systemd.service(service=svc, daemon_reload=True, restarted=True, enabled=True) # if host.name == 'bang':