ansible-ffrgb/roles/fastd/templates/fastd.conf.j2

51 lines
1.1 KiB
Plaintext
Raw Permalink Normal View History

# {{ ansible_managed }}
2018-07-26 17:59:49 +02:00
user "fastd";
group "fastd";
log to syslog level warn;
hide ip addresses yes;
2018-07-26 17:59:49 +02:00
status socket "/run/fastd/{{ site_code }}{{ item }}.sock";
2018-01-21 20:46:21 +01:00
interface "vpn-{{ site_code }}{{ item }}";
method "null";
method "salsa2012+umac";
method "xsalsa20-poly1305";
secure handshakes yes;
2018-01-21 20:46:21 +01:00
bind {{ fastd_bind }}:{{ fastd_port + item|int }};
include "secret.conf";
2018-01-23 23:56:25 +01:00
mtu {{ mtu }};
{% if fastd_peers_limit > -1 %}
{% if item|int == 0 %}
peer limit {{ fastd_peers_limit-10 }};
{% elif item|int == (fastd_instances-1) %}
peer limit {{ fastd_peers_limit+10 }};
{% else %}
peer limit {{ fastd_peers_limit }};
{% endif %}
{% endif %}
on up "
ifconfig $INTERFACE down
2018-01-21 20:46:21 +01:00
ip link set address f2:00:90:00:{{ gateway_id }}:{{ 10 + item|int }} dev $INTERFACE
ifconfig $INTERFACE up
batctl -m {{ batman_interface }} if add $INTERFACE
";
on down "
batctl -m {{ batman_interface }} if del $INTERFACE
";
{% if fastd_anonymous %}
on verify "/etc/fastd/{{ site_code }}/blacklist.sh $PEER_KEY $PEER_ADDRESS /etc/fastd/{{ site_code }}/vpn-blacklist/blacklist.json";
{% endif %}
include peers from "peers";