39 lines
1.0 KiB
Plaintext
39 lines
1.0 KiB
Plaintext
wireguard-tools:
|
|
pkg.installed: []
|
|
|
|
/etc/systemd/system/wireguard@.service:
|
|
file.managed:
|
|
- source: salt://wireguard/wireguard.service
|
|
- template: 'jinja'
|
|
- context:
|
|
gateway: {{ pillar['hosts-inet']['core']['upstream1'] }}
|
|
endpoints:
|
|
{%- for instance, conf in pillar['wireguard-instances'].items() %}
|
|
{%- for peer in conf['peers'] %}
|
|
- {{ peer['endpoint'] }}
|
|
{%- endfor %}
|
|
{%- endfor %}
|
|
|
|
{%- for instance, conf in pillar['wireguard-instances'].items() %}
|
|
/etc/wireguard/{{ instance }}.conf:
|
|
file.managed:
|
|
- source: salt://wireguard/wireguard.conf
|
|
- template: 'jinja'
|
|
- context: {{ conf }}
|
|
- mode: 600
|
|
|
|
autostart-wg-{{ instance }}:
|
|
service.enabled:
|
|
- name: wireguard@{{ instance }}
|
|
require:
|
|
- file: /etc/wireguard/{{ instance }}.conf
|
|
|
|
start-wg-{{ instance }}:
|
|
service.running:
|
|
- name: wireguard@{{ instance }}
|
|
require:
|
|
- service: autostart-wg-{{ instance }}
|
|
watch:
|
|
- file: /etc/wireguard/{{ instance }}.conf
|
|
{%- endfor %}
|