diff --git a/bundles/wireguard/metadata.py b/bundles/wireguard/metadata.py index 8a7d345..51fac8e 100644 --- a/bundles/wireguard/metadata.py +++ b/bundles/wireguard/metadata.py @@ -20,27 +20,38 @@ defaults = { 'systemd-networkd/networks', ) def systemd_networkd_networks(metadata): + wg0 = { + 'Match': { + 'Name': 'wg0', + }, + 'Address': { + 'Address': metadata.get('wireguard/my_ip'), + }, + 'Route': { + 'Destination': str(ip_interface(metadata.get('wireguard/my_ip')).network), + 'GatewayOnlink': 'yes', + }, + 'Network': { + 'DHCP': 'no', + 'IPForward': 'yes', + 'IPMasquerade': 'yes', + 'IPv6AcceptRA': 'no', + }, + } + + for peer in metadata.get('wireguard/peers').values(): + for route in peer.get('route', []): + wg0.update({ + f'Route#{route}': { + 'Gateway': str(ip_interface(metadata.get('wireguard/my_ip')).ip), + 'Destination': route, + } + }) + return { 'systemd-networkd': { 'networks': { - 'wg0': { - 'Match': { - 'Name': 'wg0', - }, - 'Address': { - 'Address': metadata.get('wireguard/my_ip'), - }, - 'Route': { - 'Destination': str(ip_interface(metadata.get('wireguard/my_ip')).network), - 'GatewayOnlink': 'yes', - }, - 'Network': { - 'DHCP': 'no', - 'IPForward': 'yes', - 'IPMasquerade': 'yes', - 'IPv6AcceptRA': 'no', - }, - }, + 'wg0': wg0, }, }, } diff --git a/nodes/htz.mails.py b/nodes/htz.mails.py index 745aa2f..a9f6cdb 100644 --- a/nodes/htz.mails.py +++ b/nodes/htz.mails.py @@ -85,16 +85,12 @@ # ip r add 10.0.0.0/24 via 172.19.136.2 dev wg0 'my_ip': '172.19.136.2/22', 'peers': { - 'home.server': {}, - }, - }, - 'systemd-networkd': { - 'networks': { - 'wg0': { - 'Route#10.0.0.0/24': { - 'Gateway': '172.19.136.2', - 'Destination': '10.0.0.0/24', - }, + 'home.server': { + 'route': [ + '10.0.0.0/24', + '10.0.2.0/24', + '10.0.9.0/24', + ] }, }, },
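Review bot: In `systemd_networkd_networks` (bundles/wireguard/metadata.py), each `route` string taken from `wireguard/peers` is copied unchecked into both the `Route#…` section name and `Destination`, on an interface that the same dict configures with `IPForward` and `IPMasquerade` set to `yes`. A typo or an unintentionally broad prefix in node metadata would only surface when networkd applies the file, or would quietly widen what this host forwards. Parsing the value with the helper already used in this function, `dest = str(ip_interface(route).network)`, and using `dest` for the key and the `Destination` value makes a malformed entry fail at metadata build time and normalises the prefix. It is also worth confirming that the peer's AllowedIPs are generated from the same `route` list, which this hunk does not show, because WireGuard drops traffic to destinations that are not covered there.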
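Review bot: The `route` list for `home.server` in nodes/htz.mails.py adds `10.0.2.0/24` and `10.0.9.0/24` next to the existing `10.0.0.0/24`, but the comment above `my_ip` still describes only the single `ip r add 10.0.0.0/24 …` command. Each entry extends what this node can reach through the tunnel, so a short comment per subnet saying what lives there and why this host needs it would let a later reader judge whether the access is still required, e.g. `'10.0.2.0/24',  # <purpose of this subnet>`. The enclosing `wireguard` dict starts and ends outside the hunk, so whether anything else still depends on the removed `systemd-networkd` block cannot be checked from here.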