fastd: move intergw peers into fastd.conf

no need for gateways folder anymore

fastd/fastd.conf

@@ -49,7 +49,7 @@ on down "
 	batctl -m {{ bat_iface }} if del $INTERFACE
 ";
 
-{%- if 'nodes' in network %}
+{%- if network_type == 'nodes' %}
 #on establish    async "/usr/local/bin/ff_log_vpnpeer establish";
 #on disestablish async "/usr/local/bin/ff_log_vpnpeer disestablish";
 
@@ -57,6 +57,32 @@ include peers from "/etc/freifunk/peers";
   {%- if peer_limit %}
 peer limit {{ peer_limit }};
   {%- endif %}
-{%- elif 'intergw' in network %}
-include peers from "gateways";
+{%- elif network_type == 'intergw' %}
+
+#
+# Set up Inter-Gw-VPN link to all nodes of this site
+  {%- for peer, peer_config in salt['pillar.get']('nodes').items ()|sort if peer != grains.id %}
+    {%- if site not in peer_config.get ('sites', {}) or 'fastd' not in peer_config %}
+      {%- continue %}
+    {%- endif %}
+    {%- set no_peer = peer_config.get('fastd', {}).get('no_peer', False) %}
+
+# Peer config for {{ peer }}
+peer "{{ peer }}" {
+	key "{{ peer_config.get('fastd', {}).get('intergw_pubkey') }}";
+    {%- if not no_peer %}
+      {%- set ips = salt['ffho_net.get_node_iface_ips'](peer_config, 'vrf_external') %}
+
+      {#- set peer IPv4 address #}
+      {%- for ipv4 in ips['v4'] %}
+	remote {{ ipv4 }}:{{ port }};
+      {%- endfor %}
+
+      {#- set peer IPv6 address #}
+      {%- for ipv6 in ips['v6'] %}
+	remote [{{ ipv6 }}]:{{ port }};
+      {%- endfor %}
+    {%- endif %}
+}
+  {%- endfor %}
 {%- endif %}

fastd/init.sls

@@ -79,7 +79,6 @@ fastd:
       peer_limit: {{ node_config.get('fastd', {}).get('peer_limit', False) }}
     - require:
       - file: /etc/fastd/{{ instance_name }}
-    - watch_in:
   
 /etc/fastd/{{ instance_name }}/secret.conf:
   file.absent
@@ -89,7 +88,6 @@ fastd:
 fastd@{{ instance_name }}:
   service.running:
     - enable: True
-    - reload: True
     - require:
       - file: /etc/systemd/system/fastd@.service
       - file: /etc/fastd/{{ instance_name }}/fastd.conf
@@ -98,44 +96,14 @@ fastd@{{ instance_name }}:
       - file: /etc/fastd/{{ instance_name }}/fastd.conf
     {% if network in ['nodes4', 'nodes6'] %}
       - git: peers-git
-    {% else %}
-      - file: /etc/fastd/{{ instance_name }}/gateways/*
     {% endif %}
   {% endfor %} # // foreach network in $site
 
 
 #
-# Generate Inter-GW peers from pillar
+# Remove old Inter-GW peers folder
 /etc/fastd/{{ site }}_intergw/gateways:
-  file.directory:
-    - makedirs: true
-    - mode: 755
-    - require:
-      - file: /etc/fastd/{{ site }}_intergw
-
-#
-# Set up Inter-Gw-VPN link to all nodes of this site
-  {% set has_ipv6 = False %}
-  {% if  salt['ffho_net.get_node_iface_ips'](node_config, 'vrf_external')['v6']|length %}
-    {% set has_ipv6 = True %}
-  {% endif %}
-  {% for node, peer_config in salt['pillar.get']('nodes').items ()|sort  %}
-/etc/fastd/{{ site }}_intergw/gateways/{{ node }}:
-    {% if site in peer_config.get ('sites', {}) and 'fastd' in peer_config %}
-  file.managed:
-    - source: salt://fastd/inter-gw.peer.tmpl
-    - template: jinja
-      site: {{ site }}
-      site_no: {{ site_no }}
-      has_ipv6: {{ has_ipv6 }}
-      node: {{ node }}
-      pubkey: {{ peer_config.get('fastd', {}).get('intergw_pubkey') }}
-    - require:
-      - file: /etc/fastd/{{ site }}_intergw/gateways
-    {% else %}
   file.absent
-    {% endif %}
-  {% endfor %} # // foreach node
 {% endfor %} # // foreach site
 
 

fastd/inter-gw.peer.tmpl

@@ -1,18 +0,0 @@
-# Peer config for {{ node }} in site {{ site }} (Salt managed)
-{%- set node_config = salt['pillar.get']('nodes:' ~ node) %}
-{%- set no_peer = salt['pillar.get']('nodes:' ~ node ~ ':fastd:no_peer', False) %}
-{%- set ips = salt['ffho_net.get_node_iface_ips'](node_config, 'vrf_external') %}
-
-{%- if not no_peer %}
-  {%- set port = 11000 + site_no|int %}
-  {%- for ipv4 in ips['v4'] %}
-remote ipv4 "{{ ipv4 }}" port {{ port }};
-  {%- endfor %}
-  {%- if has_ipv6 %}
-    {%- for ipv6 in ips['v6'] %}
-remote ipv6 "{{ ipv6 }}" port {{ port }};
-    {%- endfor %}
-  {%- endif %}
-{%- endif %}
-
-key "{{ pubkey }}";