]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/networking/templates/default/wireguard.network.erb
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Centralise enablement of backports
[chef.git] / cookbooks / networking / templates / default / wireguard.network.erb
diff --git a/cookbooks/networking/templates/default/wireguard.network.erb b/cookbooks/networking/templates/default/wireguard.network.erb
index 2d3469cf16741a16f4c144aabfb99aea77cd156f..a3b7dd115e309c215d95d883cc5086b2932e74f0 100644 (file)
--- a/cookbooks/networking/templates/default/wireguard.network.erb
+++ b/cookbooks/networking/templates/default/wireguard.network.erb
@@ -1,15 +1,21 @@
 [Match]
 Name=wg0
 
+[Link]
+RequiredForOnline=no
+
 [Network]
 <% if node.internal_ipaddress -%>
 Address=<%= node.internal_ipaddress %>/32
 <% end -%>
+<% if node[:networking][:private_address] -%>
+Address=<%= node[:networking][:private_address] %>/32
+<% end -%>
 Address=<%= node[:networking][:wireguard][:address] %>/128
 
 [Route]
 Destination=fd43:e709:ea6d:1::/64
-<% node[:networking][:wireguard][:peers].each do |peer| -%>
+<% node[:networking][:wireguard][:peers].sort_by { |p| p[:public_key] }.each do |peer| -%>
 <% Array(peer[:allowed_ips]).sort.each do |ip| -%>
 <% unless ip =~ /^fd43:e709:ea6d:1::/ -%>
 
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.