]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/networking/attributes/default.rb
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add basic infrastructure for wireguard tunnels
[chef.git] / cookbooks / networking / attributes / default.rb
diff --git a/cookbooks/networking/attributes/default.rb b/cookbooks/networking/attributes/default.rb
index 8edc932793fd21efafea2f69cd947707f19353d4..d2ec5957d1a36e9db8dd093ae3de37cba096de46 100644 (file)
--- a/cookbooks/networking/attributes/default.rb
+++ b/cookbooks/networking/attributes/default.rb
@@ -1,3 +1,5 @@
+wireguard_id = %x(systemd-id128 machine-id -a 3f36688c233848dfa84e4b176195622e)
+
 default[:networking][:firewall][:enabled] = true
 default[:networking][:firewall][:inet] = []
 default[:networking][:firewall][:inet6] = []
@@ -12,3 +14,7 @@ default[:networking][:nameservers] = []
 default[:networking][:search] = []
 default[:networking][:dnssec] = "allow-downgrade"
 default[:networking][:hostname] = node.name
+default[:networking][:wireguard][:enabled] = false
+default[:networking][:wireguard][:address] = "fd43:e709:ea6d:1:#{wireguard_id[0,4]}:#{wireguard_id[4,4]}:#{wireguard_id[8,4]}:#{wireguard_id[12,4]}"
+default[:networking][:wireguard][:keepalive] = false
+default[:networking][:wireguard][:peers] = []
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.