From ee9616ff128fe3938dc3490cbdb42298a5630742 Mon Sep 17 00:00:00 2001 From: Dmitry Ilvokhin Date: Sat, 15 Jun 2024 19:15:19 +0100 Subject: Rename wg1 interface to wgvpn0 --- roles/wgvpn/files/wgvpn.conf | 2 -- roles/wgvpn/files/wgvpn0.conf | 2 ++ roles/wgvpn/handlers/main.yml | 2 +- roles/wgvpn/tasks/main.yml | 10 +++++----- roles/wgvpn/templates/wg1.conf.j2 | 17 ----------------- roles/wgvpn/templates/wgvpn0.conf.j2 | 17 +++++++++++++++++ 6 files changed, 25 insertions(+), 25 deletions(-) delete mode 100644 roles/wgvpn/files/wgvpn.conf create mode 100644 roles/wgvpn/files/wgvpn0.conf delete mode 100644 roles/wgvpn/templates/wg1.conf.j2 create mode 100644 roles/wgvpn/templates/wgvpn0.conf.j2 diff --git a/roles/wgvpn/files/wgvpn.conf b/roles/wgvpn/files/wgvpn.conf deleted file mode 100644 index 7ed621e..0000000 --- a/roles/wgvpn/files/wgvpn.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Resolve] -DNSStubListenerExtra=10.0.1.1 diff --git a/roles/wgvpn/files/wgvpn0.conf b/roles/wgvpn/files/wgvpn0.conf new file mode 100644 index 0000000..7ed621e --- /dev/null +++ b/roles/wgvpn/files/wgvpn0.conf @@ -0,0 +1,2 @@ +[Resolve] +DNSStubListenerExtra=10.0.1.1 diff --git a/roles/wgvpn/handlers/main.yml b/roles/wgvpn/handlers/main.yml index ebfb208..3694132 100644 --- a/roles/wgvpn/handlers/main.yml +++ b/roles/wgvpn/handlers/main.yml @@ -1,6 +1,6 @@ - name: Restart wgvpn ansible.builtin.service: - name: wg-quick@wg1 + name: wg-quick@wgvpn0 state: restarted - name: Restart systemd-resolved diff --git a/roles/wgvpn/tasks/main.yml b/roles/wgvpn/tasks/main.yml index 3f50152..4b9e7db 100644 --- a/roles/wgvpn/tasks/main.yml +++ b/roles/wgvpn/tasks/main.yml @@ -1,7 +1,7 @@ - name: Configure WireGuard for wgvpn ansible.builtin.template: - src: templates/wg1.conf.j2 - dest: /etc/wireguard/wg1.conf + src: templates/wgvpn0.conf.j2 + dest: /etc/wireguard/wgvpn0.conf owner: root group: root mode: u+rw,g-rw,o-rw @@ -17,8 +17,8 @@ - name: Configure systemd-resolved for wgvpn ansible.builtin.copy: - src: files/wgvpn.conf - dest: /etc/systemd/resolved.conf.d/wgvpn.conf + src: files/wgvpn0.conf + dest: /etc/systemd/resolved.conf.d/wgvpn0.conf owner: root group: root mode: u+rw,g+r,o+r @@ -26,6 +26,6 @@ - name: Enable WireGuard service for wgvpn ansible.builtin.service: - name: wg-quick@wg1 + name: wg-quick@wgvpn0 enabled: yes state: started diff --git a/roles/wgvpn/templates/wg1.conf.j2 b/roles/wgvpn/templates/wg1.conf.j2 deleted file mode 100644 index bb95632..0000000 --- a/roles/wgvpn/templates/wg1.conf.j2 +++ /dev/null @@ -1,17 +0,0 @@ -[Interface] -PrivateKey = {{ wireguard_private_key }} -Address = 10.0.1.1/24 -ListenPort = 51821 - -PostUp = iptables -A FORWARD -i %i -j ACCEPT -PostUp = iptables -A FORWARD -o %i -j ACCEPT -PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE - -PostDown = iptables -D FORWARD -i %i -j ACCEPT -PostDown = iptables -D FORWARD -o %i -j ACCEPT -PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE - -# earth -[Peer] -PublicKey = HhBhDQmGzltIGQOn+clbRIkQt7ocPAuqsUS+ytinIwU= -AllowedIPs = 10.0.1.2/32 diff --git a/roles/wgvpn/templates/wgvpn0.conf.j2 b/roles/wgvpn/templates/wgvpn0.conf.j2 new file mode 100644 index 0000000..bb95632 --- /dev/null +++ b/roles/wgvpn/templates/wgvpn0.conf.j2 @@ -0,0 +1,17 @@ +[Interface] +PrivateKey = {{ wireguard_private_key }} +Address = 10.0.1.1/24 +ListenPort = 51821 + +PostUp = iptables -A FORWARD -i %i -j ACCEPT +PostUp = iptables -A FORWARD -o %i -j ACCEPT +PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE + +PostDown = iptables -D FORWARD -i %i -j ACCEPT +PostDown = iptables -D FORWARD -o %i -j ACCEPT +PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE + +# earth +[Peer] +PublicKey = HhBhDQmGzltIGQOn+clbRIkQt7ocPAuqsUS+ytinIwU= +AllowedIPs = 10.0.1.2/32 -- cgit v1.2.3-70-g09d2