diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-23 22:10:47 +0200 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-23 22:10:47 +0200 |
| commit | 2622c928f095a446d5181bbb66b9eeb2639bf3a9 (patch) | |
| tree | 9a9cc7c542b1495ae27aa34175269e648accedc7 | |
| parent | Search base. (diff) | |
| download | profiles-2622c928f095a446d5181bbb66b9eeb2639bf3a9.tar.gz profiles-2622c928f095a446d5181bbb66b9eeb2639bf3a9.tar.xz | |
Wireguard work.
| -rw-r--r-- | manifests/wireguard_peer.pp | 17 | ||||
| -rw-r--r-- | manifests/wireguard_server.pp | 17 |
2 files changed, 18 insertions, 16 deletions
diff --git a/manifests/wireguard_peer.pp b/manifests/wireguard_peer.pp index 51df0d8..ea4c65a 100644 --- a/manifests/wireguard_peer.pp +++ b/manifests/wireguard_peer.pp @@ -1,19 +1,20 @@ class profiles::wireguard_peer ( Variant[String,Sensitive[String]] $private_key, Array[Hash] $peers, + Stdlib::IP::Address $network_address, String $ifname = 'wg0', ) { include ::profiles::wireguard networking::networkd_instance { $ifname: - type => 'netdev', - content => { + type => 'netdev', + content => { 'NetDev' => { 'Name' => $ifname, 'Kind' => 'wireguard', 'Description' => "WireGuard tunnel ${ifname}" }, - 'WireGuard' => { + 'WireGuard' => { 'PrivateKey' => $private_key, }, 'WireGuardPeer' => $peers, @@ -21,13 +22,13 @@ class profiles::wireguard_peer ( } networking::networkd_instance { "${ifname}-network": - type => 'network', - content => { - 'Match' => { + type => 'network', + content => { + 'Match' => { 'Name' => $ifname, }, - 'Network' => { - 'Address' => '2001:9b1:eff:a600:22cf:30ff:fe45:629e/128', + 'Network' => { + 'Address' => $network_address, }, } } diff --git a/manifests/wireguard_server.pp b/manifests/wireguard_server.pp index 1f604a2..f8c7592 100644 --- a/manifests/wireguard_server.pp +++ b/manifests/wireguard_server.pp @@ -1,19 +1,20 @@ class profiles::wireguard_server ( Variant[String,Sensitive[String]] $private_key, Array[Hash] $peers, + String $ifname = 'wg0', ) { include ::profiles::wireguard networking::networkd_instance { $ifname: - type => 'netdev', - content => { - 'NetDev' => { + type => 'netdev', + content => { + 'NetDev' => { 'Name' => $ifname, 'Kind' => 'wireguard', 'Description' => "Wireguard tunnel ${ifname}", }, - 'WireGuard' => { + 'WireGuard' => { 'ListenPort' => $profiles::wireguard::port, 'PrivateKey' => $private_key, }, @@ -22,12 +23,12 @@ class profiles::wireguard_server ( } networking::networkd_instance { "${ifname}-network": - type => 'network', - content => { - 'Match' => { + type => 'network', + content => { + 'Match' => { 'Name' => $ifname, }, - 'Route' => { + 'Route' => { 'Destination' => '2001:9b1:eff:a600:22cf:30ff:fe45:629e/128', } } |