mullvad_uplink fix

roles/configure_iptables/templates/ip6tables.rules

@@ -14,6 +14,9 @@
 {% for peer in groups['ffrl_uplink'] %}
 -A PREROUTING -i bb{{ hostvars[peer]['wireguard_bb_name'] }} ! -s fe80::/64 ! -d fe80::/64 -j MARK --set-xmark 0x1/0xffffffff
 {% endfor %}
+{% for peer in groups['mullvad_uplink'] %}
+-A PREROUTING -i bb{{ hostvars[peer]['wireguard_bb_name'] }} ! -s fe80::/64 ! -d fe80::/64 -j MARK --set-xmark 0x1/0xffffffff
+{% endfor %}
 {% endif %}
 {% if 'mullvad_uplink' in group_names %}
 {% for peer in groups['fastd'] %}
@@ -55,16 +58,23 @@ COMMIT
 {% if 'fastd' in group_names %}
 {% for peer in groups['ffrl_uplink'] %}
 -A INPUT -i bb{{ hostvars[peer]['wireguard_bb_name'] }} -p udp --dport 6696 -j ACCEPT
+-A INPUT -p udp --dport {{ hostvars[peer]['wireguard_bb_port'] }} -j ACCEPT
+{% endfor %}
+{% for peer in groups['mullvad_uplink'] %}
+-A INPUT -i bb{{ hostvars[peer]['wireguard_bb_name'] }} -p udp --dport 6696 -j ACCEPT
+-A INPUT -p udp --dport {{ hostvars[peer]['wireguard_bb_port'] }} -j ACCEPT
 {% endfor %}
 {% endif %}
 {% if 'mullvad_uplink' in group_names %}
 {% for peer in groups['fastd'] %}
 -A INPUT -i bb{{ hostvars[peer]['wireguard_bb_name'] }} -p udp --dport 6696 -j ACCEPT
+-A INPUT -p udp --dport {{ hostvars[peer]['wireguard_bb_port'] }} -j ACCEPT
 {% endfor %}
 {% endif %}
 {% if 'ffrl_uplink' in group_names %}
 {% for peer in groups['fastd'] %}
 -A INPUT -i bb{{ hostvars[peer]['wireguard_bb_name'] }} -p udp --dport 6696 -j ACCEPT
+-A INPUT -p udp --dport {{ hostvars[peer]['wireguard_bb_port'] }} -j ACCEPT
 {% endfor %}
 {% endif %}
 # MOSH

roles/install_wireguard_backbone/tasks/fastd_tasks.yml

@@ -4,21 +4,27 @@
       src: wg.conf.j2
       dest: /etc/wireguard/wgbb{{ hostvars[item]['wireguard_bb_name'] }}.conf
       mode: 0400
-  with_items: "{{ groups['ffrl_uplink'] }}"
+  with_items:
+      - "{{ groups['mullvad_uplink'] }}"
+      - "{{ groups['ffrl_uplink'] }}"
 
 - name: create wireguard up scripts for peers
   template:
       src: up.sh.j2
       dest: /etc/wireguard/upbb{{ hostvars[item]['wireguard_bb_name'] }}.sh
       mode: 0744
-  with_items: "{{ groups['ffrl_uplink'] }}"
+  with_items: 
+      - "{{ groups['mullvad_uplink'] }}"
+      - "{{ groups['ffrl_uplink'] }}"
 
 - name: create wireguard down scripts for peers
   template:
       src: down.sh.j2
       dest: /etc/wireguard/downbb{{ hostvars[item]['wireguard_bb_name'] }}.sh
       mode: 0744
-  with_items: "{{ groups['ffrl_uplink'] }}"
+  with_items: 
+      - "{{ groups['mullvad_uplink'] }}"
+      - "{{ groups['ffrl_uplink'] }}"
 
 - name: start and enable wireguard mesh
   systemd:
@@ -26,4 +32,6 @@
       enabled: yes
       state: started
       daemon_reload: yes
-  with_items: "{{ groups['ffrl_uplink'] }}"
+  with_items: 
+      - "{{ groups['mullvad_uplink'] }}"
+      - "{{ groups['ffrl_uplink'] }}"