move global post scripts

5ae95f8a · nanahira · b7d04ab1 · 5ae95f8a · 5ae95f8a · 5ae95f8a
Commit 5ae95f8a authored Feb 23, 2020 by nanahira
4 changed files
--- a/ansible/configure.yaml
+++ b/ansible/configure.yaml
@@ -2,16 +2,16 @@
 - hosts: wg
  become: true
  tasks:
-    - name: postup
+    - name: post scripts
      template:
-        src: scripts/postup.sh.j2
+        src: scripts/{{item}}.sh.j2
-        dest: '/etc/wireguard/postup.sh'
+        dest: '/etc/wireguard/{{item}}.sh'
-        mode: a+x
-    - name: predown
-      template:
-        src: scripts/predown.sh.j2
-        dest: '/etc/wireguard/predown.sh'
        mode: a+x
+      with_items:
+        - postup
+        - predown
+        - global-postup
+        - global-postdown
 # 为了提高测试时候的性能，不改动wg的时候注释掉这段
    #- name: 'clean up null connections first'
    #  include_tasks: 'protocols/{{item.protocol}}/configure.yaml'

--- a/ansible/scripts/global-postdown.sh.j2
+++ b/ansible/scripts/global-postdown.sh.j2
+#!/usr/bin/env bash
+# ipset
+ipset destroy mycard
+{% for gateway in gateways %}
+{% if gateway.route_tail != "" %}
+ip route del default {{gateway.route_tail}} table {{gateway.mark}}
+{% endif %}
+{% if gateway.route_tail != "" or gateway.isp == "tr069" %}
+ip rule del pref 301 fwmark {{gateway.mark}} lookup {{gateway.mark}}
+{% endif %}
+{% endfor %}
+exit 0
--- a/ansible/scripts/global-postup.sh.j2
+++ b/ansible/scripts/global-postup.sh.j2
+#!/usr/bin/env bash
+# ipset
+ipset create mycard hash:net family inet
+{% for subnet in all_subnets %}
+ipset add mycard {{subnet}}
+{% endfor %}
+# 针对网关设置mark
+{% for gateway in gateways %}
+{% if gateway.route_tail != "" %}
+ip route add default {{gateway.route_tail}} table {{gateway.mark}}
+{% endif %}
+{% if gateway.route_tail != "" or gateway.isp == "tr069" %}
+ip rule add pref 301 fwmark {{gateway.mark}} lookup {{gateway.mark}}
+{% endif %}
+{% endfor %}
+exit 0
--- a/ansible/scripts/postup.sh.j2
+++ b/ansible/scripts/postup.sh.j2
 #!/usr/bin/env bash
 #set -e
-if [ "$dev" == "mc-yangtze" ] ; then
-  # 初始化部分，mc-yangtze一定是第一个连接的
-  # 创建 ipset
-  ipset create mycard hash:net family inet
-{% for subnet in all_subnets %}
-  ipset add mycard {{subnet}}
-{% endfor %}
-  # 针对网关设置mark
-{% for gateway in gateways %}
-{% if gateway.route_tail != "" %}
-  ip route add default {{gateway.route_tail}} table {{gateway.mark}}
-{% endif %}
-{% if gateway.route_tail != "" or gateway.isp == "tr069" %}
-  ip rule add pref 301 fwmark {{gateway.mark}} lookup {{gateway.mark}}
-{% endif %}
-{% endfor %}
-fi
 ip addr add "$localPeerAddress" peer "$remotePeerAddress" dev "$dev" scope link
 if [ "$outbound" == True ] ; then