diff --git a/dev/.gitignore b/dev/.gitignore new file mode 100644 index 0000000..9face2a --- /dev/null +++ b/dev/.gitignore @@ -0,0 +1,2 @@ +config/vm*.conf +docker-compose.yaml diff --git a/dev/Dockerfile b/dev/Dockerfile new file mode 100644 index 0000000..740da2b --- /dev/null +++ b/dev/Dockerfile @@ -0,0 +1,5 @@ +FROM alpine + +RUN apk add --no-cache wireguard-tools-wg-quick + + diff --git a/dev/config/wg0.conf.tmpl b/dev/config/wg0.conf.tmpl new file mode 100644 index 0000000..822a0b1 --- /dev/null +++ b/dev/config/wg0.conf.tmpl @@ -0,0 +1,14 @@ +[Interface] +Address = {{ item.ip }}/{{ mask_bits }} +ListenPort = {{ port }} +PrivateKey = {{ item.private_key }} +{% for iitem in keypairs %} +{% if iitem.item != item.item %} + +[Peer] +PublicKey = {{ iitem.public_key }} +Endpoint = {{ iitem.item }}:{{ port }} +AllowedIPs = {{ iitem.ip }}/32 +PersistentKeepalive=25 +{% endif %} +{% endfor %} diff --git a/dev/docker-compose.yaml.tmpl b/dev/docker-compose.yaml.tmpl new file mode 100644 index 0000000..59f8d39 --- /dev/null +++ b/dev/docker-compose.yaml.tmpl @@ -0,0 +1,15 @@ +#jinja2: lstrip_blocks: "True" +--- +version: '3.3' +services: + {% for item in keypairs %} + {{ item.item }}: + build: + dockerfile: Dockerfile + volumes: + - ./config/{{ item.item }}-wg0.conf:/etc/wireguard/wg0.conf + networks: + - default + {% endfor %} +networks: + default: diff --git a/dev/wireguard-configs.yaml b/dev/wireguard-configs.yaml new file mode 100644 index 0000000..868f37d --- /dev/null +++ b/dev/wireguard-configs.yaml @@ -0,0 +1,35 @@ +--- +- name: Wireguard config generator + hosts: localhost + vars: + mask_bits: 24 + base_ip: 10.2.0.0 + port: 51871 + tasks: + - name: generate keypair + shell: | + #!/bin/sh + priv="$(wg genkey)" + pub="$(echo "$priv" | wg pubkey)" + base_ip="{{ base_ip }}" + my_ip="$(echo "$base_ip" | sed 's/0$/{{ item }}/')" + jq --null-input \ + --arg priv "$priv" \ + --arg pub "$pub" \ + --arg my_ip "$my_ip" \ + '{"private_key": $priv, "public_key": $pub, "item": "vm{{ item }}", "ip": $my_ip}' + with_items: ["1", "2", "3", "4"] + register: keypairs_ + - set_fact: + keypairs: "{{ keypairs | default([]) + [item.stdout | from_json] }}" + with_items: "{{ keypairs_.results }}" + - debug: + var: keypairs + name: write wg configs + - template: + src: ./config/wg0.conf.tmpl + dest: ./config/{{ item.item }}-wg0.conf + with_items: "{{ keypairs }}" + - template: + src: ./docker-compose.yaml.tmpl + dest: ./docker-compose.yaml