39 commits

Author	SHA1	Message	Date
Franzi	e6f6229b87	bundles/wireguard: do not generate PSKs for unmanaged nodes	2024-03-23 10:19:15 +01:00
Franzi	104d1f11bf	bundles/wireguard: support s2s connection to other services	2024-03-22 22:52:12 +01:00
Franzi	86b8cd8edf	bundles/wireguard: remove wg_health_check	2023-12-10 17:01:01 +01:00
Franzi	f3269ce979	bundle/wireguard: fix firewall for home.router	2023-12-10 16:59:53 +01:00
Franzi	63d42c6b42	bundles/wireguard: add no_autoconnect option	2023-12-10 16:58:52 +01:00
Franzi	75ef2e7bb9	bundles/wireguard: uninstall dkms package for debian > 11	2023-11-12 11:00:43 +01:00
Franzi	cd48cf495d	rework firewall setup	2023-09-24 21:01:51 +02:00
Franzi	a09b5b98ca	bundles/wireguard: disable health_checks if auto_connection is false	2023-09-24 18:57:27 +02:00
Franzi	458606649e	bundles/wireguard: add option to route networks through vpn	2023-09-24 18:56:50 +02:00
Franzi	0e40b03060	bundles/wireguard: only try to do full mesh if *we* are doing full mesh	2023-09-24 18:56:18 +02:00
Franzi	07de570175	auto-generate full wireguard mesh between all nodes in libs.s2s.WG_AUTOGEN_NODES	2023-09-23 15:06:16 +02:00
Franzi	3a0ed4a7f5	bundles/wireguard: autogenerate port number based on index in WG_AUTOGEN_NODES	2023-09-23 15:04:47 +02:00
Franzi	d47f7db708	bundles/wireguard: only try to auto-generate ips and ports if nodes are present in WG_AUTOGEN_NODES	2023-09-23 15:04:11 +02:00
Franzi	0d79216ae5	bundles/wireguard: fix KeyError when running with no peers	2023-09-23 15:03:44 +02:00
Franzi	4f260932c3	bundles/wireguard: health checks for everyone	2023-09-12 20:15:19 +02:00
Franzi	234e81431d	bundles/wireguard: easier snat setup	2023-09-10 21:27:03 +02:00
Franzi	fe4d4abc9c	bundles/wireguard: fix max interface length	2023-09-09 16:10:49 +02:00
Franzi	7df6b1d13a	bundles/wireguard: name wg interfaces according to their peers	2023-09-09 13:55:03 +02:00
Franzi	4122a7ccf8	isort the repo	2023-02-05 17:30:58 +01:00
Franzi	c8dd809057	bundles/wireguard: better nftables rules	2022-12-11 17:42:39 +01:00
Franzi	5179edb458	bundles/wireguard: fix forwarding firewall rules	2022-03-13 15:15:08 +01:00
Franzi	c7e5002f17	bundles/wireguard: support arch linux and other netmasks than /31	2022-03-09 13:05:01 +01:00
Franzi	0101e0c92d	bundles/nftables: store rules in dedicated files instead of nftables.conf	2021-12-14 15:27:30 +01:00
Franzi	5f1f4fd654	bundles/wireguard: add option 'snat_to' for connections	2021-09-29 19:43:29 +02:00
Franzi	902840ee7f	bundles/wireguard: use one wireguard connection per peer instead of one for all	2021-09-29 19:27:13 +02:00
Franzi	d569b00960	modify nodes and bundles for new nftables syntax	2021-06-03 13:59:36 +02:00
Franzi	8fd83241ca	bundles: ensure apt/repos/*/items is a set	2021-04-30 12:49:59 +02:00
Franzi	6772b3b5d0	bundles: various fixes for telegraf plugins	2021-04-24 11:45:58 +02:00
Franzi	a37d31973a	bundles: add some telegraf plugins	2021-04-24 09:14:25 +02:00
Franzi	5b276368b8	bundles/wireguard: iptables/bundle_rules should be a list	2021-04-01 17:13:24 +02:00
Franzi	6e423c24fb	bundles/wireguard: rework metadata.py	2021-04-01 16:27:31 +02:00
Franzi	6a6198c9b9	bundles/wireguard: move iptables rules to metadata reactor	2021-03-21 15:26:29 +01:00
Franzi	52cab71fec	bundles/wireguard: also allow outgoing traffic ... How did this ever work without this rule?	2021-03-15 09:00:35 +01:00
Franzi	56fce7d460	bundles/wireguard: add exclude_from_monitoring option for wireguard peers	2021-02-14 21:35:37 +01:00
Franzi	2d42e5f7dd	update bw to 4.3, add .provides() to metadata reactors	2021-01-07 18:44:38 +01:00
Franzi	1d06d86205	bundles/wireguard: fix early fault resolve in metadata.py	2020-12-10 16:39:26 +01:00
Franzi	67d8293201	bundles/wireguard: one icinga2 check per peer	2020-11-30 06:43:46 +01:00
Franzi	5aee050c5d	bundles/wireguard: add icinga check	2020-11-21 16:15:34 +01:00
Franzi	58ca3fa9ae	bundles/wireguard: add netdev and network files, add iptables rules	2020-11-21 15:38:38 +01:00