In some distributions package is not wireguard. In older distribution, kernel module might be in different package. And for some distributions, additional repositories might be needed and those might depend on architecture. So making sure all that is possible and adding example from SUSE family.

il y a 4 ans · a2ee53f07b
--- a/wireguard/defaults.yaml
+++ b/wireguard/defaults.yaml
@@ -2,4 +2,5 @@
 # vim: ft=yaml

 wireguard:
  package: wireguard
  packages:
    - wireguard
--- a/wireguard/init.sls
+++ b/wireguard/init.sls
@@ -1,3 +1,22 @@
 {% from "wireguard/map.jinja" import wireguard with context %}

 wireguard_software:
  pkg.installed:
    - pkgs:
 {%- for pkg in wireguard.packages %}
      - {{ pkg }}
 {%- endfor %}
 {%- if wireguard.get('repository', False) %}
    - require:
      - pkgrepo: wireguard_repo

 wireguard_repo:
  pkgrepo.managed:
 {%- for k,v in wireguard.repository.items() %}
    - {{ k }}: {{ v }}
 {%- endfor %}
 {%- endif %}

 {%- for interface_name, interface_dict in salt['pillar.get']('wireguard:interfaces', {}).items() %}

  {% if interface_dict.get('delete', False) %}
@@ -21,6 +40,8 @@ restart wg-quick@{{interface_name}}:
    - enable: True
    - watch:
      - file: wireguard_interface_{{interface_name}}_config
    - require:
      - pkg: wireguard_software
    {% endif %}

    {% if interface_dict.get('raw_config') %}
--- a/wireguard/map.jinja
+++ b/wireguard/map.jinja
@@ -1,9 +1,21 @@
 # -*- coding: utf-8 -*-
 # vim: ft=jinja

 {% import_yaml "wireguard/defaults.yaml" as defaults %}
 {#- Start with  defaults from defaults.yaml #}
 {% import_yaml "wireguard/defaults.yaml" as default_settings %}
 {% import_yaml "wireguard/osarchmap.yaml" as osarchmap %}
 {% import_yaml "wireguard/osfamilymap.yaml" as osfamilymap %}
 {% import_yaml "wireguard/osmap.yaml" as osmap %}
 {% import_yaml "wireguard/osfingermap.yaml" as osfingermap %}

 {% set wireguard = salt['grains.filter_by'](default_settings,
    default='wireguard',
    merge=salt['grains.filter_by'](osfamilymap, grain='os_family',
      merge=salt['grains.filter_by'](osmap, grain='os',
        merge=salt['grains.filter_by'](osfingermap, grain='osfinger',
          merge=salt['grains.filter_by'](salt['grains.filter_by'](osarchmap, grain='osfinger'), grain='osarch')
        )
      )
    )
 ) %}

 {% set wireguard = salt['grains.filter_by'](
    defaults,
    base='wireguard')
 %}
--- a/wireguard/osarchmap.yaml
+++ b/wireguard/osarchmap.yaml
@@ -0,0 +1,31 @@
 # -*- coding: utf-8 -*-
 # vim: ft=yaml
 #
 # Setup variables using grains['osarch'] based logic.
 # You just need to add the key:values for an `osarch` that differ
 # from `defaults.yaml`.
 # Only add an `osarch` which is/will be supported by the formula.
 #
 # If you do not need to provide defaults via the `osarch` grain,
 # you will need to provide at least an empty dict in this file, e.g.
 # osarch: {}
 ---
 Leap-15:
  aarch64:
    repository:
      name: wireguard
      humanname: Wireguard VPN
      baseurl: https://download.opensuse.org/repositories/network:/vpn:/wireguard/openSUSE_Leap_15.1_ARM
      gpgautoimport: True
      gpgkey: https://download.opensuse.org/repositories/network:/vpn:/wireguard/openSUSE_Leap_15.1/repodata/repomd.xml.key
      gpgcheck: 1
  x86_64:
    repository:
      name: wireguard
      humanname: Wireguard VPN
      baseurl: https://download.opensuse.org/repositories/network:/vpn:/wireguard/openSUSE_Leap_15.1
      gpgautoimport: True
      gpgkey: https://download.opensuse.org/repositories/network:/vpn:/wireguard/openSUSE_Leap_15.1/repodata/repomd.xml.key
      gpgcheck: 1
 default:
  default: {}
--- a/wireguard/osfamilymap.yaml
+++ b/wireguard/osfamilymap.yaml
@@ -0,0 +1,13 @@
 # -*- coding: utf-8 -*-
 # vim: ft=yaml
 #
 # Setup variables using grains['os_family'] based logic.
 # You just need to add the key:values for an `os_family` that differ
 # from `defaults.yaml` + `osarch.yaml`.
 # Only add an `os_family` which is/will be supported by the formula.
 #
 # If you do not need to provide defaults via the `os_family` grain,
 # you will need to provide at least an empty dict in this file, e.g.
 # osfamilymap: {}
 ---
 default: {}
--- a/wireguard/osfingermap.yaml
+++ b/wireguard/osfingermap.yaml
@@ -0,0 +1,48 @@
 # -*- coding: utf-8 -*-
 # vim: ft=yaml
 #
 # Setup variables using grains['osfinger'] based logic.
 # You just need to add the key:values for an `osfinger` that differ
 # from `defaults.yaml` + `osarch.yaml` + `os_family.yaml` + `osmap.yaml`.
 # Only add an `osfinger` which is/will be supported by the formula.
 #
 # If you do not need to provide defaults via the `os_finger` grain,
 # you will need to provide at least an empty dict in this file, e.g.
 # osfingermap: {}
 ---
 # os: Debian
 Debian-10: {}
 Debian-9: {}
 Debian-8: {}

 # os: Ubuntu
 Ubuntu-18.04: {}
 Ubuntu-16.04: {}

 # os: Fedora
 Fedora-31: {}
 Fedora-30: {}

 # os: CentOS
 CentOS Linux-8: {}
 CentOS Linux-7: {}
 CentOS-6: {}

 # os: Amazon
 Amazon Linux-2: {}
 Amazon Linux AMI-2018: {}

 # os: SUSE
 Leap-15:
  packages:
    - wireguard-tools
    - wireguard-kmp-default

 # os: FreeBSD
 FreeBSD-12: {}

 # os: Windows
 Windows-8.1: {}

 # os: Gentoo
 Gentoo-2: {}
--- a/wireguard/osmap.yaml
+++ b/wireguard/osmap.yaml
@@ -0,0 +1,36 @@
 # -*- coding: utf-8 -*-
 # vim: ft=yaml
 #
 # Setup variables using grains['os'] based logic.
 # You just need to add the key:values for an `os` that differ
 # from `defaults.yaml` + `osarch.yaml` + `os_family.yaml`.
 # Only add an `os` which is/will be supported by the formula.
 #
 # If you do not need to provide defaults via the `os` grain,
 # you will need to provide at least an empty dict in this file, e.g.
 # osmap: {}
 ---
 # os_family: Debian
 Ubuntu: {}
 Raspbian: {}

 # os_family: RedHat
 Fedora: {}
 CentOS: {}
 Amazon: {}

 # os_family: Suse
 SUSE:
  packages:
    - wireguard-tools

 # os_family: Gentoo
 Funtoo: {}

 # os_family: Arch
 Manjaro: {}

 # os_family: Solaris
 SmartOS: {}

 default: {}