MEschenbacher's Wireguard Saltstack Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

pillar.example 2.1KB

6 yıl önce
12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364
  1. wireguard:
  2. interfaces:
  3. wg0:
  4. # The two following keys are non-wireguard options.
  5. # Delete the config file. The interface will also be stopped and disables.
  6. # Defaults to False.
  7. #delete: False
  8. # Start and enable the service. Setting this to false causes the interface
  9. # to be stopped and disabled. Defaults to True.
  10. #enable: True
  11. config:
  12. # see wg(8) and wg-quick(8) for supported keys.
  13. # wg genkey
  14. PrivateKey: private_key_string
  15. # Address accepts a list of addresses or a string. Additionally wg-quick
  16. # will expand comma separated addresses.
  17. Address:
  18. - fe80::1/64
  19. - 10.0.0.1/24
  20. #Address: fe80::1/64, 10.0.0.1/24
  21. ListenPort: 51820
  22. # It is very important to quote off. Jinja expands off without quotes to
  23. # False which will result in 'table' not being set in the config file,
  24. # resulting in defaulting to auto.
  25. Table: 'off'
  26. peers:
  27. - PublicKey: foobar
  28. # AllowedIPs must be a list of strings or a comma separated string
  29. AllowedIPs:
  30. - fe80::2
  31. - 10.0.0.2/32
  32. PresharedKey: secret1
  33. - Publickey: bazbar
  34. AllowedIPs:
  35. - fe80::3
  36. - 10.0.0.3/32
  37. PresharedKey: secret2
  38. # the raw_config key can be used to pass a whole wireguard config in. The
  39. # raw_config key takes precendce before the regular config and peers keys.
  40. # Every other wireguard option in will then be ignored. Make sure to have
  41. # the correct indentation of 4 spaces more than the raw_config key and to
  42. # start with raw_config: |
  43. raw_config: |
  44. [Interface]
  45. Address = fe80::1/64
  46. ListenPort = 51820
  47. PrivateKey = private
  48. Table = off
  49. [Peer]
  50. PublicKey = peer
  51. AllowedIPs = fe80::2
  52. # Internal formula configuration can be overridden using values placed
  53. # in this lookup table. For more variables that can be overridden, see
  54. # defaults.yaml and os*map.yaml
  55. # lookup:
  56. # packages:
  57. # - wireguard-tools
  58. # - wireguard-kmod