scripts

5db4c700 · 神楽坂玲奈 · 1184935d · 5db4c700 · 5db4c700 · 5db4c700
Commit 5db4c700 authored Feb 08, 2020 by 神楽坂玲奈
4 changed files
--- a/ansible/install.yaml
+++ b/ansible/install.yaml
@@ -9,12 +9,12 @@
      copy:
        src: scripts/postup.sh
        dest: '/etc/wireguard/postup.sh'
-        mode: u+x
+        mode: a+x
    - name: predown
      copy:
        src: scripts/predown.sh
        dest: '/etc/wireguard/predown.sh'
-        mode: u+x
+        mode: a+x
    - name: 'loop through list from a variable'
      include_tasks: 'protocols/{{item.protocol}}/{{item.protocol}}.yaml'
      vars:

--- a/ansible/protocols/wg/wg.conf.j2
+++ b/ansible/protocols/wg/wg.conf.j2
 [Interface]
-Address = {{address}}
+Address = {{address}}/32
 PrivateKey = {{key}}
 ListenPort = {{conn.localPort}}
 {% if gwmark is defined %}
 FwMark = {{conn.localGatewayMark}}
 {% endif %}
 Table = off
-PostUp = "dev='%i' localPeerAddress='{{conn.localPeerAddress}}' remoteMark='{{conn.remoteMark}}' {% if conn.inbound is defined %}inbound='{{conn.inbound}}'{% endif %} {% if conn.mtu is defined %}mtu='{{conn.mtu}}'{% endif %} /etc/wireguard/postup.sh"
-PreDown = "dev='%i' localPeerAddress='{{conn.localPeerAddress}}' remoteMark='{{conn.remoteMark}}' {% if conn.inbound is defined %}inbound='{{conn.inbound}}'{% endif %} {% if conn.mtu is defined %}mtu='{{conn.mtu}}'{% endif %} /etc/wireguard/predown.sh"
+PostUp = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} {% if conn.inbound is defined %}inbound={{conn.inbound}}{% endif %} {% if conn.mtu is defined %}mtu={{conn.mtu}}{% endif %} /etc/wireguard/postup.sh
+PreDown = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} {% if conn.inbound is defined %}inbound={{conn.inbound}}{% endif %} {% if conn.mtu is defined %}mtu={{conn.mtu}}{% endif %} /etc/wireguard/predown.sh
 [Peer]
 PublicKey = {{conn.wgPublicKey}}
 AllowedIPs = 0.0.0.0/0, ::/0
-{% if endpoint is not defined %}
+{% if conn.remoteAddress is defined %}
 Endpoint = {{conn.remoteAddress}}:{{conn.remotePort}}
 {% endif %}

--- a/ansible/protocols/wg/wg.yaml
+++ b/ansible/protocols/wg/wg.yaml
@@ -2,3 +2,8 @@
  template:
    src: wg.conf.j2
    dest: '/etc/wireguard/{{conn.name}}.conf'
+- name: enable
+  systemd:
+    name: 'wg-quick@{{conn.name}}'
+    state: started
+    enabled: yes
\ No newline at end of file
--- a/ansible/scripts/postup.sh
+++ b/ansible/scripts/postup.sh
 #!/usr/bin/env bash
 set -e

-ip addr add "$loadlPeerAddress" peer "$remotePeerAddress" dev "$dev"
+ip addr add "$localPeerAddress" peer "$remotePeerAddress" dev "$dev"

-if [ "$inbound" != true ] ; then
+if [ "$inbound" != True ] ; then
  ip route add default dev "$dev" table "$remoteMark"
  ip rule add fwmark "$remoteMark" table "$remoteMark" pref 300
 fi