tun

27df73db · nanahira · a42ac769 · 27df73db · 27df73db · 27df73db
Commit 27df73db authored Aug 17, 2022 by nanahira
4 changed files
--- a/ansible/protocols/tun/configure.yaml
+++ b/ansible/protocols/tun/configure.yaml
+- name: '{{conn.name}}: stop wg'
+  include_tasks: ../wg/uninstall.yaml
--- a/ansible/protocols/tun/uninstall.yaml
+++ b/ansible/protocols/tun/uninstall.yaml
+- name: '{{conn.name}}: stop tun'
+  docker_compose:
+    project_src: '{{ansible_user_dir}}/nextgen-network/services'
+    stopped: true
+    services:
+      - 'tun-{{conn.name}}'
+  ignore_errors: true
--- a/ansible/protocols/wg/configure.yaml
+++ b/ansible/protocols/wg/configure.yaml
 - name: '{{conn.name}}: stop oc'
  include_tasks: ../oc/uninstall.yaml
+- name: '{{conn.name}}: stop tun'
+  include_tasks: ../tun/uninstall.yaml
 - name: '{{conn.name}}: wg conf'
  become: true
  template:

--- a/src/inventory.ts
+++ b/src/inventory.ts
@@ -582,6 +582,35 @@ class InventoryBuilder {
      }
    }

+    if (protocol === 'tun') {
+      const containerName = `tun-${name}`;
+      const dev = `mc-${name}`;
+      const tunMtu = mtu - 24;
+      const envs = `dev=${dev} localPeerAddress=${localPeerAddress} remotePeerAddress=${remotePeerAddress} localPeerAddress6=${localPeerAddress} remotePeerAddress6=${remotePeerAddress6} remoteNextMark=${remoteNextMark} inbound=${inbound ? 'True' : 'False'} outbound=${inbound ? 'True' : 'False'} mtu=${tunMtu}`;
+      local.dockerServices.services[containerName] = {
+        restart: 'always',
+        image: `git-registry.mycard.moe/railgun/tun${this.getDockerImageTag(local)}`,
+        network_mode: 'host',
+        cap_add: ['NET_ADMIN'],
+        devices: ['/dev/net/tun:/dev/net/tun'],
+        volumes: [
+          '$HOME/nextgen-network/scripts:$HOME/nextgen-network/scripts:ro'
+        ],
+        environment: {
+          LOCAL_ID: local.id,
+          REMOTE_ID: remote.id,
+          PROTO: params.p || 144,
+          LOCAL_SECRET: local.wgPrivateKey,
+          REMOTE_SECRET: remote.wgPrivateKey,
+          DEV: dev,
+          ENDPOINT: remoteAddress,
+          MARK: localGatewayMark || 0,
+          UP_SCRIPT: `ip address add ${local.address} dev ${dev}; ip link set dev ${dev} mtu ${tunMtu}; ip link set ${dev} up; env ${envs} $HOME/nextgen-network/scripts/postup.sh &> /dev/stdout`,
+          DOWN_SCRIPT: `env ${envs} $HOME/nextgen-network/scripts/predown.sh &> /dev/stdout`
+        },
+      };
+    }
+
    //console.log(local.name, name, mtu);

    if (outbound) {