bundles/wireguard: add option to route networks through vpn

2023-09-24 18:56:50 +02:00 · 2023-09-24 18:56:50 +02:00 · 458606649e
parent 0e40b03060
commit 458606649e
1 changed files with 12 additions and 0 deletions
--- a/bundles/wireguard/metadata.py
+++ b/bundles/wireguard/metadata.py
@ -235,6 +235,8 @@ def interface_ips(metadata):
    snat_ip = metadata.get('wireguard/snat_ip', None)

    for peer, config in sorted(metadata.get('wireguard/peers', {}).items()):
+        routes = {}
+
        if '/' in config['my_ip']:
            my_ip = config['my_ip']
        else:
@ -243,8 +245,18 @@ def interface_ips(metadata):
        ips = {my_ip}
        if snat_ip:
            ips.add(snat_ip)
+
+        their_ip = config['their_ip']
+        if '/' in their_ip:
+            their_ip = their_ip.split('/')[0]
+
+        for route in config.get('routes', set()):
+            routes[route] = {'via': their_ip}
+
        interfaces[f'wg_{config["iface"]}'] = {
+            'activation_policy': 'up' if config.get('auto_connection', True) else 'manual',
            'ips': ips,
+            'routes': routes,
        }
    return {
        'interfaces': interfaces,