| author | Paul Buetow <paul@buetow.org> | 2025-05-01 23:39:15 +0300 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2025-05-01 23:39:15 +0300 |
| commit | a3ef632592f5b42464423afce8f09bb76c85f936 (patch) | |
| tree | 736f60e310db91d91480de1fe7068540a54727f7 /wireguardmeshgenerator.rb | |
| parent | 404e6a3eac35ae4469a404bbcf4d38eb11f5dc0e (diff) | |
add openbsd hosts
Diffstat (limited to 'wireguardmeshgenerator.rb')
| -rw-r--r-- | wireguardmeshgenerator.rb | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/wireguardmeshgenerator.rb b/wireguardmeshgenerator.rb
index aee7d81..366a7cc 100644
--- a/wireguardmeshgenerator.rb
+++ b/wireguardmeshgenerator.rb
@@ -60,10 +60,16 @@ PeerSnippet = Struct.new(:myself, :peer, :domain, :wgdomain,
 # #{myself}.#{domain} as #{myself}.#{wgdomain}
 PublicKey = #{keytool.pub}
 PresharedKey = #{keytool.psk(peer)}
- Endpoint = #{endpoint}:56709
 AllowedIPs = #{allowed_ips}/32
+ #{endpoint_str}
 PEER_CONF
 end
+
+ def endpoint_str
+ return '# Due to NAT no Endpoint configured' if endpoint == :behind_nat
+
+ "Endpoint = #{endpoint}:56709"
+ end
 end
 
 WireguardConfig = Struct.new(:myself, :hosts) do
@@ -95,12 +101,20 @@ WireguardConfig = Struct.new(:myself, :hosts) do
 private
 
 def peers
- hosts.reject { _1 == myself }.map do |hostname, data|
- PeerSnippet.new(hostname, myself,
- data['lan']['domain'],
- data['wg0']['domain'],
- data['wg0']['ip'],
- data['lan']['ip'])
+ excluded = hosts[myself].fetch('exclude_peers', []) << myself
+ i_am_in_lan = hosts[myself].key?('lan')
+
+ hosts.reject { excluded.include?(_1) }.map do |peer, data|
+ peer_is_in_lan = data.key?('lan')
+ reach = data[peer_is_in_lan ? 'lan' : 'internet']
+ endpoint = if peer_is_in_lan == i_am_in_lan ||
+ !peer_is_in_lan
+ reach['ip']
+ else
+ :behind_nat
+ end
+ PeerSnippet.new(peer, myself, reach['domain'], data['wg0']['domain'],
+ data['wg0']['ip'], endpoint)
 end
 end
 end
|
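Review bot: `endpoint_str` has no comment saying what a missing Endpoint means for the tunnel, and the `:behind_nat` sentinel is only explained by the string it emits. A peer section without Endpoint can only be used once the remote side has initiated the handshake, so the NATed host has to dial out and keep its mapping alive; whether the template sets PersistentKeepalive for that direction is not visible in this hunk. I would add above the method `# Peers behind NAT get no Endpoint: they must initiate, and need PersistentKeepalive on their side to stay reachable.` The port `56709` is still a literal here; if the listen port is defined elsewhere in the file, a shared constant would keep the two from drifting. The method that builds the PEER_CONF heredoc starts above the hunk.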
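Review bot: In `peers`, `hosts[myself].fetch('exclude_peers', []) << myself` appends to the array stored inside `hosts` whenever the key is present, so each call mutates the loaded configuration and adds another copy of `myself`; build a new array instead, `excluded = hosts[myself].fetch('exclude_peers', []) + [myself]`. A host entry with neither a `lan` nor an `internet` key leaves `reach` nil and fails with NoMethodError at `reach['ip']`; `reach = data.fetch(peer_is_in_lan ? 'lan' : 'internet')` would name the missing key instead. The exclusion is applied only from this host's side: unless the excluded peer's own entry lists this host as well (not visible here), its generated config still carries a peer section and preshared key for this host, so `exclude_peers` should not be treated as an isolation control without a symmetry check. The endpoint condition also reduces to `i_am_in_lan || !peer_is_in_lan`, which reads more directly.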
