wgfrp

ansible/protocols/wg/wg.conf.j2

@@ -13,5 +13,5 @@ PublicKey = {{conn.wgPublicKey}}
 AllowedIPs = 0.0.0.0/0, ::/0
 {% if conn.remoteAddress is defined %}
 Endpoint = {{conn.remoteAddress}}:{{conn.remotePort}}
+PersistentKeepalive = 1
 {% endif %}
-

ansible/protocols/wgfrp/frpc.ini.j2

+[common]
+server_addr = {{conn.remoteAddress}}
+server_port = {{conn.remoteFrpPort}}
+tcp_mux = true
+protocol = tcp
+token = {{frp_token}}
+
+[{{ansible_hostname_short}}_{{conn.name}}]
+privilege_mode = true
+type = udp
+local_ip = 127.0.0.1
+local_port = {{conn.localPort}}
+remote_port = {{conn.localPort}}
+use_encryption = true
+use_compression = true

ansible/protocols/wgfrp/frps.ini.j2

+[common]
+bind_port = {{frp_port}}
+token = {{frp_token}}
+tcp_mux = true

ansible/protocols/wgfrp/frps.yaml

+- name: frps template
+  become: true
+  template:
+    src: 'frps.ini.j2'
+    dest: '/etc/frp/frps.ini'
+- name: start frps
+  become: true
+  systemd:
+    name: 'frps'
+    state: restarted
+    enabled: true

ansible/protocols/wgfrp/wgfrp.conf.j2

+[Interface]
+Address = {{address}}
+PrivateKey = {{key}}
+{% if conn.frp_type == "frpc" %}
+ListenPort = {{conn.localPort}}
+{% endif %}
+{% if gwmark is defined %}
+FwMark = {{conn.localGatewayMark}}
+{% endif %}
+Table = off
+PostUp = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} {% if conn.mtu is defined %}mtu={{conn.mtu}}{% endif %} /etc/wireguard/postup.sh
+PreDown = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} {% if conn.mtu is defined %}mtu={{conn.mtu}}{% endif %} /etc/wireguard/predown.sh
+[Peer]
+PublicKey = {{conn.wgPublicKey}}
+AllowedIPs = 0.0.0.0/0, ::/0
+{% if conn.frp_type == "frps" %}
+Endpoint = 127.0.0.1:{{conn.remotePort}}
+PersistentKeepalive = 1
+{% endif %}

ansible/protocols/wgfrp/wgfrp.yaml

-- name: placeholder foo
-  debug:
-    msg: 'wgfrp'
+- name: stop，测试用。
+  systemd:
+    name: 'wg-quick@{{conn.name}}'
+    state: stopped
+- name: conf
+  template:
+    src: wgfrp.conf.j2
+    dest: '/etc/wireguard/{{conn.name}}.conf'
+- name: enable
+  systemd:
+    name: 'wg-quick@{{conn.name}}'
+    state: started
+    enabled: yes
+- name: frp directory
+  file:
+    path: /tmp/frp
+    state: directory
+- name: get frp
+  unarchive:
+    src: https://github.com/fatedier/frp/releases/download/v0.31.2/frp_0.31.2_linux_amd64.tar.gz
+    remote_src: true
+    creates:
+      - /tmp/frp/frpc
+      - /tmp/frp/frps
+    dest: /tmp/frp/
+  when: 'ansible_architecture == "x86_64"'
+- name: get frp for arm
+  unarchive:
+    src: https://github.com/fatedier/frp/releases/download/v0.31.2/frp_0.31.2_linux_arm64.tar.gz
+    remote_src: true
+    creates:
+      - /tmp/frp/frpc
+      - /tmp/frp/frps
+    dest: /tmp/frp/
+    extra_opts:
+      - --strip-components=1
+  when: 'ansible_architecture == "aarch64"'
+- name: install frp
+  become: true
+  shell: 'cp -rf /tmp/frp/frpc /usr/bin/ && cp -rf /tmp/frp/frps /usr/bin/ && cp -rf /tmp/frp/systemd/* /usr/lib/systemd/systemd/'
+  name: frp config directory
+  file:
+    path: /tmp/frp
+    state: directory
+- name: frpc template
+  become: true
+  template:
+    src: 'frpc.ini.j2'
+    dest: '/etc/frp/{{conn.name}}.ini'
+  when: 'conn.frp_type == "frpc"'
+- name: start frpc
+  become: true
+  systemd:
+    name: 'frpc@{{conn.name}}'
+    state: restarted
+    enabled: true
+  when: 'conn.frp_type == "frpc"'
+- name: register frps
+  set_fact:
+    frps_needed: 1
+  when: 'conn.frp_type == "frps"'