From c7e5002f17b4febd96df6d9935a164d5e21e2b2a Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Wed, 9 Mar 2022 13:05:01 +0100 Subject: [PATCH] bundles/wireguard: support arch linux and other netmasks than /31 --- bundles/wireguard/items.py | 4 +--- bundles/wireguard/metadata.py | 8 ++++++-- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/bundles/wireguard/items.py b/bundles/wireguard/items.py index d7c00e6..f9425c2 100644 --- a/bundles/wireguard/items.py +++ b/bundles/wireguard/items.py @@ -22,9 +22,7 @@ for number, (peer, config) in enumerate(sorted(node.metadata.get('wireguard/peer 'psk': config['psk'], 'pubkey': config['pubkey'], }, - 'needs': { - 'pkg_apt:wireguard', - }, + 'needs': {'pkg_apt:wireguard'} if node.has_bundle('apt') else set(), 'triggers': { 'svc_systemd:systemd-networkd:restart', }, diff --git a/bundles/wireguard/metadata.py b/bundles/wireguard/metadata.py index f81cde5..573aa4e 100644 --- a/bundles/wireguard/metadata.py +++ b/bundles/wireguard/metadata.py @@ -200,9 +200,13 @@ def firewall(metadata): def interface_ips(metadata): interfaces = {} for number, (peer, config) in enumerate(sorted(metadata.get('wireguard/peers', {}).items())): + if '/' in config['my_ip']: + my_ip = config['my_ip'] + else: + my_ip = '{}/31'.format(config['my_ip']) interfaces[f'wg{number}'] = { 'ips': { - '{}/31'.format(config['my_ip']), + my_ip, }, } return { @@ -214,7 +218,7 @@ def interface_ips(metadata): 'nftables/rules/10-wireguard', ) def snat(metadata): - if not node.has_bundle('nftables'): + if not node.has_bundle('nftables') or node.os == 'arch': raise DoNotRunAgain rules = {