scripts

ansible/protocols/ipip/wg.yaml

+- name: conf
+  template:
+    src: wg.conf.j2
+    dest: '/etc/wireguard/{{conn.name}}.conf'
+- name: enable
+  systemd:
+    name: 'wg-quick@{{conn.name}}'
+    state: started
+    enabled: yes
\ No newline at end of file

ansible/scripts/predown.sh

 #!/usr/bin/env bash
-set -e
 
 if [ "$inbound" != true ] ; then
   ip rule del fwmark "$remoteMark" table "$remoteMark" pref 300
@@ -17,3 +16,6 @@ iptables -t mangle -D FORWARD -o "$dev" -p tcp -m tcp --tcp-flags SYN,RST SYN -m
 iptables -t mangle -D PREROUTING -i "$dev" -m set ! --match-set mycard src -j CONNMARK --set-xmark "$remoteMark"
 iptables -t mangle -D PREROUTING -m connmark --mark "$remoteMark" -j CONNMARK --restore-mark
 iptables -t mangle -D OUTPUT -m connmark --mark "$remoteMark" -j CONNMARK --restore-mark
+
+# predown 始终返回成功。
+true
\ No newline at end of file

src/inventory.ts

@@ -39,8 +39,8 @@ class InventoryBuilder {
         const from = this.hosts[h][host.name];
         if (from && to) {
           // 非对称连接
-          connections.push(this.parse_connection(host, this.hosts[h], to, false));
-          connections.push(this.parse_connection(host, this.hosts[h], from, false, true));
+          connections.push(this.parse_connection(host, this.hosts[h], to, false, host.id > this.hosts[h].id));
+          connections.push(this.parse_connection(host, this.hosts[h], from, false, host.id < this.hosts[h].id));
         } else if (from || to) {
           // 对称连接
           connections.push(this.parse_connection(host, this.hosts[h], from || to, !!to));

update.sh

@@ -2,7 +2,7 @@
 set -e
 
 echo "现在会真正去部署了，请务必带 --limit 运行。"
-echo "现在开放测试的节点：south.mycard.moe,yuzurisa.mycard.moe,hk-hkg-alql2.mycard.moe"
+echo "现在开放测试的节点：south.mycard.moe,yuzurisa.mycard.moe,hk-hkg-alql2.mycard.moe,ayane.mycard.moe"
 
 read -p '确认无误后按回车继续'