bundles/wireguard: use one wireguard connection per peer instead of one for all
parent
8110ec508e
commit
902840ee7f
5 changed files with 110 additions and 94 deletions
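--- a/libs/s2s.py
+++ b/libs/s2s.py
@@ -0,0 +1,21 @@
+from ipaddress import IPv4Network
+
+AS_NUMBERS = {
+# 4290xxxxxx
+'home': 4290000138,
+'htz-cloud': 4290000137,
+'ovh': 4290000001,
+}
+
+def get_subnet_for_connection(repo, peer_a, peer_b):
+# XXX this assumes there are never more than 128 nodes which match that expression
+nodes = sorted({node.name for node in repo.nodes if node.has_bundle('wireguard')})
+
+assert peer_a in nodes
+assert peer_b in nodes
+
+pos_peer_a = nodes.index(peer_a)
+pos_peer_b = nodes.index(peer_b)
+
+vpn_subnet = list(IPv4Network('169.254.0.0/16').subnets(new_prefix=24))[pos_peer_a]
+return list(IPv4Network(vpn_subnet).subnets(new_prefix=31))[pos_peer_b]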
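Review bot: The /31 returned by `get_subnet_for_connection` depends on each peer's position in the sorted set of wireguard nodes, so adding, removing or renaming one node shifts `pos_peer_a`/`pos_peer_b` and renumbers the transfer networks of tunnels that did not otherwise change. The result also depends on argument order, since `(a, b)` and `(b, a)` select different subnets. If the callers (not visible here) do not already pass the peers in a fixed order, both ends of a tunnel can end up on different networks; `peer_a, peer_b = sorted((peer_a, peer_b))` at the top of the function would make it symmetric. Both properties deserve a comment next to the existing `# XXX` note. The 128-node assumption would also be safer as an explicit check that raises a clear error rather than an `IndexError` from the list lookup.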