From a35d8e570b8bc0d1da4d9a2db17ca3aeaeaf5374 Mon Sep 17 00:00:00 2001
From: Dmitry Ilvokhin
Date: Sat, 15 Jun 2024 19:05:54 +0100
Subject: Rename wg2 interface to wgtor0
---
roles/wgtor/handlers/main.yml | 2 +-
roles/wgtor/tasks/main.yml | 6 +++---
roles/wgtor/templates/wg2.conf.j2 | 22 ----------------------
roles/wgtor/templates/wgtor0.conf.j2 | 22 ++++++++++++++++++++++
4 files changed, 26 insertions(+), 26 deletions(-)
delete mode 100644 roles/wgtor/templates/wg2.conf.j2
create mode 100644 roles/wgtor/templates/wgtor0.conf.j2
diff --git a/roles/wgtor/handlers/main.yml b/roles/wgtor/handlers/main.yml
index 9f1d3c5..dfc1cb2 100644
--- a/roles/wgtor/handlers/main.yml
+++ b/roles/wgtor/handlers/main.yml
@@ -3,5 +3,5 @@ # hooks. - name: Restart wgtor ansible.builtin.service: - name: wg-quick@wg2 + name: wg-quick@wgtor0 state: restarted
diff --git a/roles/wgtor/tasks/main.yml b/roles/wgtor/tasks/main.yml
index 68a4aee..d8f04aa 100644
--- a/roles/wgtor/tasks/main.yml
+++ b/roles/wgtor/tasks/main.yml
@@ -1,7 +1,7 @@ - name: Configure WireGuard for wgtor ansible.builtin.template: - src: templates/wg2.conf.j2 - dest: /etc/wireguard/wg2.conf + src: templates/wgtor0.conf.j2 + dest: /etc/wireguard/wgtor0.conf owner: root group: root mode: u+rw,g-rw,o-rw
@@ -9,6 +9,6 @@ - name: Enable WireGuard service for wgtor ansible.builtin.service: - name: wg-quick@wg2 + name: wg-quick@wgtor0 enabled: yes state: started
diff --git a/roles/wgtor/templates/wg2.conf.j2 b/roles/wgtor/templates/wg2.conf.j2
deleted file mode 100644
index 5d72891..0000000
--- a/roles/wgtor/templates/wg2.conf.j2
+++ /dev/null
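Review bot: Hosts that already ran this role keep a running `wg-quick@wg2` and an `/etc/wireguard/wg2.conf` that holds the private key, because the two hunks in roles/wgtor/tasks/main.yml only create and enable the `wgtor0` names and nothing visible in this commit cleans up the old ones. The new template keeps `ListenPort = 51822` and `Address = 10.0.2.1/24`, so `wg-quick@wgtor0` would presumably fail to come up or clash while wg2 is still active, and the old interface's NAT redirect rules stay installed until it is brought down. I would add a cleanup step ahead of the template task that stops and disables the old unit and only then removes the old file, since wg-quick reads the config to run its PostDown rules. If the cleanup was done by hand or lives in another role this can be dropped; line 8 of the file sits between the two hunks and is not shown.

```yaml
# Placed before "Configure WireGuard for wgtor".
- name: Stop and disable old wg2 interface
  ansible.builtin.service:
    name: wg-quick@wg2
    enabled: no
    state: stopped

# Removed only after the stop: wg-quick needs the file to run its PostDown rules.
- name: Remove old wg2 config
  ansible.builtin.file:
    path: /etc/wireguard/wg2.conf
    state: absent

# … unchanged: Configure WireGuard for wgtor, Enable WireGuard service for wgtor …
```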
@@ -1,22 +0,0 @@
-[Interface]
-PrivateKey = {{ wireguard_private_key }}
-Address = 10.0.2.1/24
-ListenPort = 51822
-
-# See for source of iptables rules.
-# https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TransparentProxy
-
-PostUp = iptables -t nat -A PREROUTING -i %i -p udp --dport 53 -j REDIRECT --to-ports 5353
-PostUp = iptables -t nat -A PREROUTING -i %i -p udp --dport 5353 -j REDIRECT --to-ports 5353
-PostUp = iptables -t nat -A PREROUTING -i %i -p tcp --syn -j REDIRECT --to-ports 9040
-PostUp = iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040
-
-PostDown = iptables -t nat -D PREROUTING -i %i -p udp --dport 53 -j REDIRECT --to-ports 5353
-PostDown = iptables -t nat -D PREROUTING -i %i -p udp --dport 5353 -j REDIRECT --to-ports 5353
-PostDown = iptables -t nat -D PREROUTING -i %i -p tcp --syn -j REDIRECT --to-ports 9040
-PostDown = iptables -t nat -D OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040
-
-# earth
-[Peer]
-PublicKey = HhBhDQmGzltIGQOn+clbRIkQt7ocPAuqsUS+ytinIwU=
-AllowedIPs = 10.0.2.2/32
diff --git a/roles/wgtor/templates/wgtor0.conf.j2 b/roles/wgtor/templates/wgtor0.conf.j2
new file mode 100644
index 0000000..5d72891
--- /dev/null
+++ b/roles/wgtor/templates/wgtor0.conf.j2
@@ -0,0 +1,22 @@
+[Interface]
+PrivateKey = {{ wireguard_private_key }}
+Address = 10.0.2.1/24
+ListenPort = 51822
+
+# See for source of iptables rules.
+# https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TransparentProxy
+
+PostUp = iptables -t nat -A PREROUTING -i %i -p udp --dport 53 -j REDIRECT --to-ports 5353
+PostUp = iptables -t nat -A PREROUTING -i %i -p udp --dport 5353 -j REDIRECT --to-ports 5353
+PostUp = iptables -t nat -A PREROUTING -i %i -p tcp --syn -j REDIRECT --to-ports 9040
+PostUp = iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040
+
+PostDown = iptables -t nat -D PREROUTING -i %i -p udp --dport 53 -j REDIRECT --to-ports 5353
+PostDown = iptables -t nat -D PREROUTING -i %i -p udp --dport 5353 -j REDIRECT --to-ports 5353
+PostDown = iptables -t nat -D PREROUTING -i %i -p tcp --syn -j REDIRECT --to-ports 9040
+PostDown = iptables -t nat -D OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040
+
+# earth
+[Peer]
+PublicKey = HhBhDQmGzltIGQOn+clbRIkQt7ocPAuqsUS+ytinIwU=
+AllowedIPs = 10.0.2.2/32
--
cgit v1.2.3-70-g09d2