:allowed_ips => "10.0.16.1/32",
:endpoint => "gate.compton.nu:51820"
}
+
+ # Grant home
+ node.default[:networking][:wireguard][:peers] << {
+ :public_key => "RofATnvlWxP3mt87+QKRXFE5MVxtoCcTsJ+yftZYEE4=",
+ :allowed_ips => "10.89.122.1/32",
+ :endpoint => "gate.firefishy.com:51820"
+ }
+
+ # Grant roaming
+ node.default[:networking][:wireguard][:peers] << {
+ :public_key => "YbUkREE9TAmomqgL/4Fh2e5u2Hh7drN/2o5qg3ndRxg=",
+ :allowed_ips => "10.89.123.1/32",
+ :endpoint => "roaming.firefishy.com:51820"
+ }
end
template "/etc/systemd/network/wireguard.netdev" do
action :nothing
subscribes :restart, "template[/etc/systemd/network/wireguard.netdev]"
subscribes :restart, "template[/etc/systemd/network/wireguard.network]"
- not_if { ENV.key?("TEST_KITCHEN") }
+ not_if { kitchen? }
end
else
execute "networkctl-delete-wg0" do
command "networkctl reload"
subscribes :run, "template[/etc/systemd/network/wireguard.netdev]"
subscribes :run, "template[/etc/systemd/network/wireguard.network]"
- not_if { ENV.key?("TEST_KITCHEN") }
+ not_if { kitchen? }
end
end
end
execute "hostnamectl-set-hostname" do
command "hostnamectl set-hostname #{node[:networking][:hostname]}"
notifies :reload, "ohai[reload-hostname]"
- not_if { ENV.key?("TEST_KITCHEN") || node[:hostnamectl][:static_hostname] == node[:networking][:hostname] }
+ not_if { kitchen? || node[:hostnamectl][:static_hostname] == node[:networking][:hostname] }
end
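Review bot: The `command` line of `hostnamectl-set-hostname` interpolates `node[:networking][:hostname]` into a single string that Chef runs through a shell, so a hostname attribute containing whitespace or shell metacharacters would be split or interpreted instead of being passed as one argument. The commit leaves that line unchanged, but since it already touches the guard on this resource, the array form would avoid the shell entirely: `command ["hostnamectl", "set-hostname", node[:networking][:hostname]]`. The attribute presumably comes from trusted node or role data, so this is hardening rather than a known defect.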
template "/etc/hosts" do
end
end
+file "/etc/shorewall/masq" do
+ action :delete
+end
+
+file "/etc/shorewall/masq.bak" do
+ action :delete
+end
+
if node[:roles].include?("gateway")
- template "/etc/shorewall/masq" do
- source "shorewall-masq.erb"
+ template "/etc/shorewall/snat" do
+ source "shorewall-snat.erb"
owner "root"
group "root"
mode "644"
notifies :restart, "service[shorewall]"
end
else
- file "/etc/shorewall/masq" do
+ file "/etc/shorewall/snat" do
action :delete
notifies :restart, "service[shorewall]"
end
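Review bot: The two new `file` resources that delete `/etc/shorewall/masq` and `/etc/shorewall/masq.bak` are declared before the `snat` template, so on a gateway a run that fails while rendering `shorewall-snat.erb` leaves neither NAT rules file on disk. The running firewall is unaffected at that moment, but the next Shorewall restart would presumably come up without source NAT. Declaring the cleanup after the `if`/`else` block removes the old file only once its replacement has been written. A short comment such as `# Remove legacy masq files superseded by /etc/shorewall/snat` would also explain why the deletion is unconditional and when it can be dropped. The closing `end` of the `if node[:roles].include?("gateway")` block lies outside this hunk.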