MEschenbacher's Wireguard Saltstack Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

init.sls 1.9KB

5 jaren geleden
6 jaren geleden
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869
  1. {% from "wireguard/map.jinja" import wireguard with context %}
  2. wireguard_software:
  3. pkg.installed:
  4. - pkgs:
  5. {%- for pkg in wireguard.packages %}
  6. - {{ pkg }}
  7. {%- endfor %}
  8. {%- if wireguard.get('repository', False) %}
  9. - require:
  10. - pkgrepo: wireguard_repo
  11. wireguard_repo:
  12. pkgrepo.managed:
  13. {%- for k,v in wireguard.repository.items() %}
  14. - {{ k }}: {{ v }}
  15. {%- endfor %}
  16. {%- endif %}
  17. {%- for interface_name, interface_dict in salt['pillar.get']('wireguard:interfaces', {}).items() %}
  18. {% if interface_dict.get('delete', False) %}
  19. stop and disable wg-quick@{{interface_name}}:
  20. service.dead:
  21. - name: wg-quick@{{interface_name}}
  22. - enable: False
  23. remove wireguard_interface_{{interface_name}}:
  24. file.absent:
  25. - name: /etc/wireguard/{{interface_name}}.conf
  26. {% else %}
  27. {% if not interface_dict.get('enable', True) %}
  28. stop and disable wg-quick@{{interface_name}}:
  29. service.dead:
  30. - name: wg-quick@{{interface_name}}
  31. - enable: False
  32. {% else %}
  33. restart wg-quick@{{interface_name}}:
  34. service.running:
  35. - name: wg-quick@{{interface_name}}
  36. - enable: True
  37. - watch:
  38. - file: wireguard_interface_{{interface_name}}_config
  39. - require:
  40. - pkg: wireguard_software
  41. {% endif %}
  42. {% if interface_dict.get('raw_config') %}
  43. wireguard_interface_{{interface_name}}_config:
  44. file.managed:
  45. - name: /etc/wireguard/{{interface_name}}.conf
  46. - makedirs: True
  47. - contents_pillar: wireguard:interfaces:{{interface_name}}:raw_config
  48. - mode: 600
  49. {% else %}
  50. wireguard_interface_{{interface_name}}_config:
  51. file.managed:
  52. - name: /etc/wireguard/{{interface_name}}.conf
  53. - makedirs: True
  54. - source: salt://wireguard/files/wg.conf
  55. - template: jinja
  56. - context:
  57. interface: {{interface_dict.get('config', {})}}
  58. peers: {{interface_dict.get('peers', [])}}
  59. - mode: 600
  60. {% endif %}
  61. {% endif %}
  62. {%- endfor %}