diff --git a/bundles/wireguard/metadata.py b/bundles/wireguard/metadata.py
index e9253ed..43a1984 100644
--- a/bundles/wireguard/metadata.py
+++ b/bundles/wireguard/metadata.py
@@ -7,11 +7,11 @@ from bundlewrap.metadata import atomic
 defaults = {
 'apt': {
 'packages': {
- 'linux-headers-generic': {},
+ 'linux-headers-amd64': {},
 'wireguard': {
 'backports': True,
 'needs': [
- 'pkg_apt:linux-headers-generic',
+ 'pkg_apt:linux-headers-amd64',
 ],
 'triggers': [
 'svc_systemd:systemd-networkd:restart',
@@ -29,13 +29,17 @@ defaults = {
 'systemd-networkd/networks',
 )
 def systemd_networkd_networks(metadata):
- wg0 = {
+ network = {
 'Match': {
 'Name': 'wg0',
 },
 'Address': {
 'Address': metadata.get('wireguard/my_ip'),
 },
+ 'Route': {
+ 'Destination': str(ip_interface(metadata.get('wireguard/my_ip')).network),
+ 'GatewayOnlink': 'yes',
+ },
 'Network': {
 'DHCP': 'no',
 'IPForward': 'yes',
@@ -45,15 +49,15 @@ def systemd_networkd_networks(metadata):
 }
 for peer, config in metadata.get('wireguard/peers').items():
- wg0.update({
- f'Route#{peer}': {
- 'Destination': str(ip_interface(repo.get_node(peer).metadata.get(f'wireguard/my_ip')).ip),
- 'Gateway': str(ip_interface(metadata.get('wireguard/my_ip')).ip),
- 'GatewayOnlink': 'yes',
- }
- })
+ # network.update({
+ # f'Route#{peer}': {
+ # 'Destination': str(ip_interface(repo.get_node(peer).metadata.get(f'wireguard/my_ip')).ip),
+ # 'Gateway': str(ip_interface(metadata.get('wireguard/my_ip')).ip),
+ # 'GatewayOnlink': 'yes',
+ # }
+ # })
 for route in config.get('route', []):
- wg0.update({
+ network.update({
 f'Route#{peer}_{route}': {
 'Destination': route,
 'Gateway': str(ip_interface(repo.get_node(peer).metadata.get(f'wireguard/my_ip')).ip),
@@ -64,7 +68,7 @@ def systemd_networkd_networks(metadata):
 return {
 'systemd-networkd': {
 'networks': {
- 'wg0': wg0,
+ 'wireguard': network,
 },
 },
 }
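Review bot: `'linux-headers-amd64'` in the `@@ -7,11 +7,11 @@` hunk hard-codes the CPU architecture into the bundle defaults, both as the package entry and in the `needs` list of `wireguard`. If any node that receives this bundle is not amd64, the package will presumably not resolve there, and through `needs` the `wireguard` package will not be installed either. A short comment such as `# amd64 nodes only` above the entry would record the assumption, or the name could be derived from node metadata. The `defaults` dict continues outside the hunk.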
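Review bot: The new `'Route'` section in the `@@ -29,13 +29,17 @@` hunk sets `'GatewayOnlink': 'yes'` without any `Gateway`, so the flag has nothing to qualify, and the destination it installs is the interface's own prefix. That prefix route is normally created by the kernel as soon as `Address` carries a prefix length (the comment added in nodes/netcup.secondary.py shows such a `proto kernel scope link` route), so the section looks redundant. If it is needed, a comment saying why would help, e.g. `# explicit on-link route for the whole tunnel subnet; replaces the per-peer host routes`; otherwise it can be dropped. The dict literal and `systemd_networkd_networks` continue outside the hunk.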
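Review bot: The seven commented-out `# network.update({ ... })` lines in the `@@ -45,15 +49,15 @@` hunk should be deleted rather than kept, because the old per-peer route remains in history and dead code in a routing reactor obscures which routes are really emitted. Separately, each `route` string is still copied verbatim into `'Destination'`; on an interface with `'IPForward': 'yes'` a mistyped or overly broad prefix would steer unrelated traffic into the tunnel, so parsing it first, e.g. `'Destination': str(ip_network(route)),`, would reject bad values when metadata is built. `ip_network` would have to be imported next to `ip_interface`, whose import is not visible here. The loop body continues outside the hunk.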
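Review bot: Renaming the key from `'wg0'` to `'wireguard'` in the `@@ -64,7 +68,7 @@` hunk (and the matching `'netdevs'` rename in the `@@ -100,7 +104,7 @@` hunk) may leave the previously generated files behind on nodes that are already deployed. If the systemd-networkd bundle derives file names from these keys and does not purge unmanaged files, the old `wg0` file would stay next to the new one, both matching `Name=wg0`; systemd-networkd applies the first matching file in lexical order and `wg0` sorts before `wireguard`, so the old 172.19.136.x configuration could remain in effect. It is worth confirming that the bundle removes stale files, or adding an explicit delete for the old names; that bundle is not visible here.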
@@ -74,7 +78,7 @@ def systemd_networkd_networks(metadata):
 'systemd-networkd/netdevs',
 )
 def systemd_networkd_netdevs(metadata):
- wg0 = {
+ netdev = {
 'NetDev': {
 'Name': 'wg0',
 'Kind': 'wireguard',
@@ -87,7 +91,7 @@ def systemd_networkd_netdevs(metadata):
 }
 for name, config in metadata.get('wireguard/peers').items():
- wg0.update({
+ netdev.update({
 f'WireGuardPeer#{name}': {
 'Endpoint': config['endpoint'],
 'PublicKey': config['pubkey'],
@@ -100,7 +104,7 @@ def systemd_networkd_netdevs(metadata):
 return {
 'systemd-networkd': {
 'netdevs': {
- 'wg0': wg0,
+ 'wireguard': netdev,
 },
 },
 }
diff --git a/nodes/home.server.py b/nodes/home.server.py
index 9e8a597..16142fe 100644
--- a/nodes/home.server.py
+++ b/nodes/home.server.py
@@ -31,7 +31,7 @@
 },
 },
 'wireguard': {
- 'my_ip': '172.19.136.1/22',
+ 'my_ip': '172.30.0.1/24',
 'peers': {
 'htz.mails': {
 'route': [
diff --git a/nodes/htz.mails.py b/nodes/htz.mails.py
index 8b15b8b..96fac7a 100644
--- a/nodes/htz.mails.py
+++ b/nodes/htz.mails.py
@@ -102,7 +102,7 @@
 },
 'wireguard': {
 # ip r add 10.0.0.0/24 via 172.19.136.2 dev wg0
- 'my_ip': '172.19.136.2/22',
+ 'my_ip': '172.30.0.2/24',
 'peers': {
 'home.server': {
 'route': [
@@ -112,9 +112,6 @@
 ],
 },
 'netcup.secondary': {
- 'route': [
- '46.38.240.0/22',
- ],
 },
 },
 },
diff --git a/nodes/netcup.secondary.py b/nodes/netcup.secondary.py
index 276f7e3..a62923a 100644
--- a/nodes/netcup.secondary.py
+++ b/nodes/netcup.secondary.py
@@ -18,7 +18,8 @@
 },
 },
 'wireguard': {
- 'my_ip': '172.19.136.3/22',
+ # 172.19.136.0/22 dev wg0 proto kernel scope link src 172.19.136.3
+ 'my_ip': '172.30.0.3/24',
 'peers': {
 'htz.mails': {
 'route': [
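Review bot: The comment `# ip r add 10.0.0.0/24 via 172.19.136.2 dev wg0` kept above `'my_ip'` in the nodes/htz.mails.py `@@ -102,7 +102,7 @@` hunk still names the old tunnel address, and the comment added in the nodes/netcup.secondary.py hunk describes the old 172.19.136.0/22 network directly above the new `'172.30.0.3/24'` value. Either update both to the 172.30.0.0/24 addresses or mark them as historical, e.g. `# before renumbering: 172.19.136.0/22 dev wg0 proto kernel scope link src 172.19.136.3`, so nobody copies a route for a subnet that is no longer configured. Both dict literals continue outside their hunks.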