@@ -2,4 +2,5 @@ | |||
# vim: ft=yaml | |||
wireguard: | |||
package: wireguard | |||
packages: | |||
- wireguard |
@@ -1,3 +1,22 @@ | |||
{% from "wireguard/map.jinja" import wireguard with context %} | |||
wireguard_software: | |||
pkg.installed: | |||
- pkgs: | |||
{%- for pkg in wireguard.packages %} | |||
- {{ pkg }} | |||
{%- endfor %} | |||
{%- if wireguard.get('repository', False) %} | |||
- require: | |||
- pkgrepo: wireguard_repo | |||
wireguard_repo: | |||
pkgrepo.managed: | |||
{%- for k,v in wireguard.repository.items() %} | |||
- {{ k }}: {{ v }} | |||
{%- endfor %} | |||
{%- endif %} | |||
{%- for interface_name, interface_dict in salt['pillar.get']('wireguard:interfaces', {}).items() %} | |||
{% if interface_dict.get('delete', False) %} | |||
@@ -21,18 +40,22 @@ restart wg-quick@{{interface_name}}: | |||
- enable: True | |||
- watch: | |||
- file: wireguard_interface_{{interface_name}}_config | |||
- require: | |||
- pkg: wireguard_software | |||
{% endif %} | |||
{% if interface_dict.get('raw_config') %} | |||
wireguard_interface_{{interface_name}}_config: | |||
file.managed: | |||
- name: /etc/wireguard/{{interface_name}}.conf | |||
- makedirs: True | |||
- contents_pillar: wireguard:interfaces:{{interface_name}}:raw_config | |||
- mode: 600 | |||
{% else %} | |||
wireguard_interface_{{interface_name}}_config: | |||
file.managed: | |||
- name: /etc/wireguard/{{interface_name}}.conf | |||
- makedirs: True | |||
- source: salt://wireguard/files/wg.conf | |||
- template: jinja | |||
- context: |
@@ -1,9 +1,21 @@ | |||
# -*- coding: utf-8 -*- | |||
# vim: ft=jinja | |||
{% import_yaml "wireguard/defaults.yaml" as defaults %} | |||
{#- Start with defaults from defaults.yaml #} | |||
{% import_yaml "wireguard/defaults.yaml" as default_settings %} | |||
{% import_yaml "wireguard/osarchmap.yaml" as osarchmap %} | |||
{% import_yaml "wireguard/osfamilymap.yaml" as osfamilymap %} | |||
{% import_yaml "wireguard/osmap.yaml" as osmap %} | |||
{% import_yaml "wireguard/osfingermap.yaml" as osfingermap %} | |||
{% set wireguard = salt['grains.filter_by'](default_settings, | |||
default='wireguard', | |||
merge=salt['grains.filter_by'](osfamilymap, grain='os_family', | |||
merge=salt['grains.filter_by'](osmap, grain='os', | |||
merge=salt['grains.filter_by'](osfingermap, grain='osfinger', | |||
merge=salt['grains.filter_by'](salt['grains.filter_by'](osarchmap, grain='osfinger'), grain='osarch') | |||
) | |||
) | |||
) | |||
) %} | |||
{% set wireguard = salt['grains.filter_by']( | |||
defaults, | |||
base='wireguard') | |||
%} |
@@ -0,0 +1,31 @@ | |||
# -*- coding: utf-8 -*- | |||
# vim: ft=yaml | |||
# | |||
# Setup variables using grains['osarch'] based logic. | |||
# You just need to add the key:values for an `osarch` that differ | |||
# from `defaults.yaml`. | |||
# Only add an `osarch` which is/will be supported by the formula. | |||
# | |||
# If you do not need to provide defaults via the `osarch` grain, | |||
# you will need to provide at least an empty dict in this file, e.g. | |||
# osarch: {} | |||
--- | |||
Leap-15: | |||
aarch64: | |||
repository: | |||
name: wireguard | |||
humanname: Wireguard VPN | |||
baseurl: https://download.opensuse.org/repositories/network:/vpn:/wireguard/openSUSE_Leap_15.1_ARM | |||
gpgautoimport: True | |||
gpgkey: https://download.opensuse.org/repositories/network:/vpn:/wireguard/openSUSE_Leap_15.1/repodata/repomd.xml.key | |||
gpgcheck: 1 | |||
x86_64: | |||
repository: | |||
name: wireguard | |||
humanname: Wireguard VPN | |||
baseurl: https://download.opensuse.org/repositories/network:/vpn:/wireguard/openSUSE_Leap_15.1 | |||
gpgautoimport: True | |||
gpgkey: https://download.opensuse.org/repositories/network:/vpn:/wireguard/openSUSE_Leap_15.1/repodata/repomd.xml.key | |||
gpgcheck: 1 | |||
default: | |||
default: {} |
@@ -0,0 +1,13 @@ | |||
# -*- coding: utf-8 -*- | |||
# vim: ft=yaml | |||
# | |||
# Setup variables using grains['os_family'] based logic. | |||
# You just need to add the key:values for an `os_family` that differ | |||
# from `defaults.yaml` + `osarch.yaml`. | |||
# Only add an `os_family` which is/will be supported by the formula. | |||
# | |||
# If you do not need to provide defaults via the `os_family` grain, | |||
# you will need to provide at least an empty dict in this file, e.g. | |||
# osfamilymap: {} | |||
--- | |||
default: {} |
@@ -0,0 +1,48 @@ | |||
# -*- coding: utf-8 -*- | |||
# vim: ft=yaml | |||
# | |||
# Setup variables using grains['osfinger'] based logic. | |||
# You just need to add the key:values for an `osfinger` that differ | |||
# from `defaults.yaml` + `osarch.yaml` + `os_family.yaml` + `osmap.yaml`. | |||
# Only add an `osfinger` which is/will be supported by the formula. | |||
# | |||
# If you do not need to provide defaults via the `os_finger` grain, | |||
# you will need to provide at least an empty dict in this file, e.g. | |||
# osfingermap: {} | |||
--- | |||
# os: Debian | |||
Debian-10: {} | |||
Debian-9: {} | |||
Debian-8: {} | |||
# os: Ubuntu | |||
Ubuntu-18.04: {} | |||
Ubuntu-16.04: {} | |||
# os: Fedora | |||
Fedora-31: {} | |||
Fedora-30: {} | |||
# os: CentOS | |||
CentOS Linux-8: {} | |||
CentOS Linux-7: {} | |||
CentOS-6: {} | |||
# os: Amazon | |||
Amazon Linux-2: {} | |||
Amazon Linux AMI-2018: {} | |||
# os: SUSE | |||
Leap-15: | |||
packages: | |||
- wireguard-tools | |||
- wireguard-kmp-default | |||
# os: FreeBSD | |||
FreeBSD-12: {} | |||
# os: Windows | |||
Windows-8.1: {} | |||
# os: Gentoo | |||
Gentoo-2: {} |
@@ -0,0 +1,36 @@ | |||
# -*- coding: utf-8 -*- | |||
# vim: ft=yaml | |||
# | |||
# Setup variables using grains['os'] based logic. | |||
# You just need to add the key:values for an `os` that differ | |||
# from `defaults.yaml` + `osarch.yaml` + `os_family.yaml`. | |||
# Only add an `os` which is/will be supported by the formula. | |||
# | |||
# If you do not need to provide defaults via the `os` grain, | |||
# you will need to provide at least an empty dict in this file, e.g. | |||
# osmap: {} | |||
--- | |||
# os_family: Debian | |||
Ubuntu: {} | |||
Raspbian: {} | |||
# os_family: RedHat | |||
Fedora: {} | |||
CentOS: {} | |||
Amazon: {} | |||
# os_family: Suse | |||
SUSE: | |||
packages: | |||
- wireguard-tools | |||
# os_family: Gentoo | |||
Funtoo: {} | |||
# os_family: Arch | |||
Manjaro: {} | |||
# os_family: Solaris | |||
SmartOS: {} | |||
default: {} |