from ipaddress import ip_network repo.libs.tools.require_bundle(node, 'systemd-networkd') files = { '/usr/local/share/icinga/plugins/check_wireguard_connected': { 'mode': '0755', }, } for number, (peer, config) in enumerate(sorted(node.metadata.get('wireguard/peers', {}).items())): files[f'/etc/systemd/network/wg{number}.netdev'] = { 'content_type': 'mako', 'source': 'wg.netdev', 'context': { 'endpoint': config.get('endpoint'), 'number': number, 'peer': peer, 'port': config['my_port'], 'privatekey': node.metadata.get('wireguard/privatekey'), 'psk': config['psk'], 'pubkey': config['pubkey'], }, 'needs': { 'pkg_apt:wireguard', }, 'triggers': { 'svc_systemd:systemd-networkd:restart', }, } if node.has_bundle('pppd'): files['/etc/ppp/ip-up.d/reconnect-wireguard'] = { 'source': 'pppd-ip-up', 'content_type': 'mako', 'mode': '0755', }