route anon1 over upstream1
This commit is contained in:
parent
2c8f10b2e7
commit
c8b7519948
|
@ -10,7 +10,7 @@ hostroutes-{{ name }}:
|
||||||
{%- for a in salt.dnsutil.A(conf['server']) %}
|
{%- for a in salt.dnsutil.A(conf['server']) %}
|
||||||
- ipaddr: {{ a }}
|
- ipaddr: {{ a }}
|
||||||
netmask: 255.255.224.0
|
netmask: 255.255.224.0
|
||||||
gateway: {{ pillar['hosts-inet']['core']['upstream2'] }}
|
gateway: {{ pillar['hosts-inet']['core']['upstream1'] }}
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
|
|
||||||
/etc/openvpn/{{ name }}.conf:
|
/etc/openvpn/{{ name }}.conf:
|
||||||
|
|
|
@ -6,7 +6,7 @@ wireguard-tools:
|
||||||
- source: salt://wireguard/wireguard.service
|
- source: salt://wireguard/wireguard.service
|
||||||
- template: 'jinja'
|
- template: 'jinja'
|
||||||
- context:
|
- context:
|
||||||
gateway: {{ pillar['hosts-inet']['core']['upstream2'] }}
|
gateway: {{ pillar['hosts-inet']['core']['upstream1'] }}
|
||||||
endpoints:
|
endpoints:
|
||||||
{%- for instance, conf in pillar['wireguard-instances'].items() %}
|
{%- for instance, conf in pillar['wireguard-instances'].items() %}
|
||||||
{%- for peer in conf['peers'] %}
|
{%- for peer in conf['peers'] %}
|
||||||
|
|
|
@ -5,7 +5,7 @@ PartOf=wireguard.service
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
{%- for endpoint in endpoints %}
|
{%- for endpoint in endpoints %}
|
||||||
ExecStart=-/bin/ip route add {{ endpoint }} via {{ gateway }}
|
ExecStart=-/bin/ip route add {{ endpoint }}/32 via {{ gateway }}
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
ExecStart=/usr/bin/wg-quick up /etc/wireguard/%i.conf
|
ExecStart=/usr/bin/wg-quick up /etc/wireguard/%i.conf
|
||||||
ExecStop=/usr/bin/wg-quick down /etc/wireguard/%i.conf
|
ExecStop=/usr/bin/wg-quick down /etc/wireguard/%i.conf
|
||||||
|
|
Loading…
Reference in New Issue
Block a user