kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 1 Releases Activity

libs/s2s: switch to static list of wireguard peers

Browse source
This commit is contained in:
Franzi 2023-09-09 14:11:39 +02:00
parent 5db3856218
commit 99e261fe24
Signed by: kunsi
GPG key ID: 12E3D2136B818350
1 changed files with 18 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
libs/s2s.py
View file

@ -4,18 +4,29 @@ AS_NUMBERS = {
# 4290xxxxxx # 4290xxxxxx
'home': 4290000138, 'home': 4290000138,
'htz-cloud': 4290000137, 'htz-cloud': 4290000137,
'ionos': 4290000002,
'ovh': 4290000001, 'ovh': 4290000001,
} }
WG_AUTOGEN_NODES = [
# only ever append to this list. If a node vanishes, set its name to
# `None`. You may remove nodes from the end of this, though it's not
# recommended to do so.
None, # fkusei-locutus never used this
'home.router',
'htz-cloud.wireguard',
'icinga2',
'ovh.icinga2',
'ovh.wireguard',
]
def get_subnet_for_connection(repo, peer_a, peer_b): def get_subnet_for_connection(repo, peer_a, peer_b):
# XXX this assumes there are never more than 128 nodes which match that expression assert peer_a in WG_AUTOGEN_NODES
nodes = sorted({node.name for node in repo.nodes if node.has_bundle('wireguard')}) assert peer_b in WG_AUTOGEN_NODES
assert peer_a in nodes pos_peer_a = WG_AUTOGEN_NODES.index(peer_a)
assert peer_b in nodes pos_peer_b = WG_AUTOGEN_NODES.index(peer_b)
pos_peer_a = nodes.index(peer_a)
pos_peer_b = nodes.index(peer_b)
vpn_subnet = list(IPv4Network('169.254.0.0/16').subnets(new_prefix=24))[pos_peer_a] vpn_subnet = list(IPv4Network('169.254.0.0/16').subnets(new_prefix=24))[pos_peer_a]
return list(IPv4Network(vpn_subnet).subnets(new_prefix=31))[pos_peer_b] return list(IPv4Network(vpn_subnet).subnets(new_prefix=31))[pos_peer_b]