MEschenbacher's Wireguard Saltstack Formula
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.

pillar.example 1.9KB

il y a 6 ans
1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556
  1. wireguard:
  2. interfaces:
  3. wg0:
  4. # The two following keys are non-wireguard options.
  5. # Delete the config file. The interface will also be stopped and disables.
  6. # Defaults to False.
  7. #delete: False
  8. # Start and enable the service. Setting this to false causes the interface
  9. # to be stopped and disabled. Defaults to True.
  10. #enable: True
  11. config:
  12. # see wg(8) and wg-quick(8) for supported keys.
  13. # wg genkey
  14. PrivateKey: private_key_string
  15. # Address accepts a list of addresses or a string. Additionally wg-quick
  16. # will expand comma separated addresses.
  17. Address:
  18. - fe80::1/64
  19. - 10.0.0.1/24
  20. #Address: fe80::1/64, 10.0.0.1/24
  21. ListenPort: 51820
  22. # It is very important to quote off. Jinja expands off without quotes to
  23. # False which will result in 'table' not being set in the config file,
  24. # resulting in defaulting to auto.
  25. Table: 'off'
  26. peers:
  27. - PublicKey: foobar
  28. # AllowedIPs must be a list of strings or a comma separated string
  29. AllowedIPs:
  30. - fe80::2
  31. - 10.0.0.2/32
  32. PresharedKey: secret1
  33. - Publickey: bazbar
  34. AllowedIPs:
  35. - fe80::3
  36. - 10.0.0.3/32
  37. PresharedKey: secret2
  38. # the raw_config key can be used to pass a whole wireguard config in. The
  39. # raw_config key takes precendce before the regular config and peers keys.
  40. # Every other wireguard option in will then be ignored. Make sure to have
  41. # the correct indentation of 4 spaces more than the raw_config key and to
  42. # start with raw_config: |
  43. raw_config: |
  44. [Interface]
  45. Address = fe80::1/64
  46. ListenPort = 51820
  47. PrivateKey = private
  48. Table = off
  49. [Peer]
  50. PublicKey = peer
  51. AllowedIPs = fe80::2