kreativmonkey
/
ffmyk-ansible
mirror of https://git.niyawe.de/ffmyk-ansible.git
1
1
Fork 0
Code Issues Releases Wiki Activity

fix

Browse Source
master
Niklas Yann Wettengel 7 years ago
parent b7615bd04e
commit 09ae123075
3 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File

4
roles/configure_iptables/templates/ip6tables.rules
Unescape Escape View File

@ -58,6 +58,10 @@ COMMIT
-A INPUT -i bb{{ hostvars[peer]['wireguard_bb_name'] }} -p udp --dport 6696 -j ACCEPT -A INPUT -i bb{{ hostvars[peer]['wireguard_bb_name'] }} -p udp --dport 6696 -j ACCEPT
-A INPUT -p udp --dport {{ hostvars[peer]['wireguard_bb_port'] }} -j ACCEPT -A INPUT -p udp --dport {{ hostvars[peer]['wireguard_bb_port'] }} -j ACCEPT
{% endfor %} {% endfor %}
{% for peer in wireguard_bb_peers|default([]) %}
-A INPUT -i bb{{ peer.name }} -p udp --dport 6696 -j ACCEPT
-A INPUT -p udp --dport {{ peer.port }} -j ACCEPT
{% endfor %}
{% endif %} {% endif %}
# MOSH # MOSH
-A INPUT -p udp -m udp --dport 60000:61000 -j ACCEPT -A INPUT -p udp -m udp --dport 60000:61000 -j ACCEPT

6
roles/install_babeld/templates/babeld.conf.j2
Unescape Escape View File

@ -14,6 +14,9 @@ interface bb{{ hostvars[peer]['wireguard_bb_name'] }}
{% for peer in groups['fastd'] %} {% for peer in groups['fastd'] %}
interface bb{{ hostvars[peer]['wireguard_bb_name'] }} interface bb{{ hostvars[peer]['wireguard_bb_name'] }}
{% endfor %} {% endfor %}
{% for peer in wireguard_bb_peers|default([]) %}
interface bb{{ peer.name }}
{% endfor %}
{% endif %} {% endif %}
# Global options you might want to set. There are many more, see the man page. # Global options you might want to set. There are many more, see the man page.
@ -61,6 +64,7 @@ redistribute if {{ peer.name }} metric 128
# Only redistribute addresses from a given prefix, to avoid redistributing # Only redistribute addresses from a given prefix, to avoid redistributing
# all local addresses # all local addresses
redistribute ip 10.222.0.0/16 allow redistribute ip 10.222.0.0/16 allow
redistribute ip 2001:470:cd45:FF00::/56 allow redistribute ip 2a01:198:70a:ff::0/64 allow
redistribute ip 2001:470:cd45:ff00::/56 allow
redistribute ip 2a03:2260:1016::/48 allow redistribute ip 2a03:2260:1016::/48 allow
redistribute local deny redistribute local deny

8
roles/install_wireguard_backbone/tasks/uplink_tasks.yml
Unescape Escape View File

@ -11,7 +11,7 @@
src: wg2.conf.j2 src: wg2.conf.j2
dest: /etc/wireguard/wgbb{{ item.name }}.conf dest: /etc/wireguard/wgbb{{ item.name }}.conf
mode: 0400 mode: 0400
with_items: "{{ wireguard_bb_peers }}" with_items: "{{ wireguard_bb_peers|default([]) }}"
- name: create wireguard up scripts for fastds - name: create wireguard up scripts for fastds
template: template:
@ -25,7 +25,7 @@
src: up2.sh.j2 src: up2.sh.j2
dest: /etc/wireguard/upbb{{ item.name }}.sh dest: /etc/wireguard/upbb{{ item.name }}.sh
mode: 0744 mode: 0744
with_items: "{{ wireguard_bb_peers }}" with_items: "{{ wireguard_bb_peers|default([]) }}"
- name: create wireguard down scripts for fastds - name: create wireguard down scripts for fastds
template: template:
@ -39,7 +39,7 @@
src: down2.sh.j2 src: down2.sh.j2
dest: /etc/wireguard/downbb{{ item.name }}.sh dest: /etc/wireguard/downbb{{ item.name }}.sh
mode: 0744 mode: 0744
with_items: "{{ wireguard_bb_peers }}" with_items: "{{ wireguard_bb_peers|default([]) }}"
- name: start and enable wireguard mesh for fastds - name: start and enable wireguard mesh for fastds
systemd: systemd:
@ -55,4 +55,4 @@
enabled: yes enabled: yes
state: started state: started
daemon_reload: yes daemon_reload: yes
with_items: "{{ wireguard_bb_peers }}" with_items: "{{ wireguard_bb_peers|default([]) }}"

Write Preview
Loading…
Cancel
Save