|
@@ -1,7 +1,7 @@
|
|
#
|
|
#
|
|
# Wireguard VPNs
|
|
# Wireguard VPNs
|
|
#
|
|
#
|
|
-{% set tunnels = salt['pillar.get']('nodes:' ~ grains.id ~ ':wireguard', {}) %}
|
|
|
|
|
|
+{% set wg_cfg = salt['pillar.get']('nodes:' ~ grains.id ~ ':wireguard', {}) %}
|
|
|
|
|
|
|
|
|
|
include:
|
|
include:
|
|
@@ -24,13 +24,14 @@ Cleanup /etc/wireguard:
|
|
- clean: true
|
|
- clean: true
|
|
# Add cleanup action for active tunnels
|
|
# Add cleanup action for active tunnels
|
|
|
|
|
|
-{% for iface, tunnel_config in tunnels.items () %}
|
|
|
|
|
|
+{% for iface, tunnel_config in wg_cfg.get ('tunnels', {}).items () %}
|
|
/etc/wireguard/{{ iface }}.conf:
|
|
/etc/wireguard/{{ iface }}.conf:
|
|
file.managed:
|
|
file.managed:
|
|
- source: salt://wireguard/wireguard.conf.tmpl
|
|
- source: salt://wireguard/wireguard.conf.tmpl
|
|
- template: jinja
|
|
- template: jinja
|
|
- context:
|
|
- context:
|
|
config: {{ tunnel_config }}
|
|
config: {{ tunnel_config }}
|
|
|
|
+ privkey: {{ wg_cfg.get ('privkey') }}
|
|
- require:
|
|
- require:
|
|
- file: Create /etc/wireguard
|
|
- file: Create /etc/wireguard
|
|
- require_in:
|
|
- require_in:
|