Wireguard overlay network setup

Need to migrate away from networkd, because it can't add new wireguard peers now out of the box without hacks. [1]: https://github.com/systemd/systemd/issues/25547
author: Dmitry Ilvokhin <d@ilvokhin.com> 2024-05-19 17:02:45 +0100
committer: Dmitry Ilvokhin <d@ilvokhin.com> 2024-05-19 17:02:45 +0100
commit: b4a12dbbf4a4759bf24975ca9bfc5096c90ae8b6 (patch)
tree: 48bc7a65415aa039c22575cf3c3919b5a4cea0f5 /roles/wgnet/templates/wg0.netdev.j2
parent: 588e86b33df631382027862ed06bfd11e989e01b (diff)
download: infra-b4a12dbbf4a4759bf24975ca9bfc5096c90ae8b6.tar.gz
infra-b4a12dbbf4a4759bf24975ca9bfc5096c90ae8b6.tar.bz2
infra-b4a12dbbf4a4759bf24975ca9bfc5096c90ae8b6.zip
1 files changed, 18 insertions, 0 deletions
diff --git a/roles/wgnet/templates/wg0.netdev.j2 b/roles/wgnet/templates/wg0.netdev.j2
new file mode 100644
index 0000000..d258010
--- /dev/null
+++ b/roles/wgnet/templates/wg0.netdev.j2
@@ -0,0 +1,18 @@
+[NetDev]
+Name=wg0
+Kind=wireguard
+Description="Wireguard Overlay Network"
+
+[WireGuard]
+ListenPort=51820
+PrivateKey={{ wireguard_private_key }}
+
+# flame
+[WireGuardPeer]
+PublicKey=YUuBBTKHXsD6tTzcAVWXakZffWKlGS5fAdx7zWSXtlI=
+AllowedIPs=10.0.0.2/32
+
+# water
+[WireGuardPeer]
+PublicKey=X0Gw37N+AUkZjiyZ9buZ8c2ZzFr+niX3FZjxlyqQq0Q=
+AllowedIPs=10.0.0.3/32
author	Dmitry Ilvokhin <d@ilvokhin.com>	2024-05-19 17:02:45 +0100
committer	Dmitry Ilvokhin <d@ilvokhin.com>	2024-05-19 17:02:45 +0100
commit	b4a12dbbf4a4759bf24975ca9bfc5096c90ae8b6 (patch)
tree	48bc7a65415aa039c22575cf3c3919b5a4cea0f5 /roles/wgnet/templates/wg0.netdev.j2
parent	588e86b33df631382027862ed06bfd11e989e01b (diff)
download	infra-b4a12dbbf4a4759bf24975ca9bfc5096c90ae8b6.tar.gz infra-b4a12dbbf4a4759bf24975ca9bfc5096c90ae8b6.tar.bz2 infra-b4a12dbbf4a4759bf24975ca9bfc5096c90ae8b6.zip