mail done
@@ -1,9 +1,20 @@
|
||||
[Interface]
|
||||
PrivateKey = {{ wireguard_private_key }}
|
||||
Address = 10.10.1.2/24
|
||||
|
||||
|
||||
Table = 123
|
||||
PreUp = ip rule add fwmark 1 table 123 priority 455
|
||||
PreUp = ip rule add from 10.10.1.2 table 123 priority 456
|
||||
PostUp = iptables -t mangle -A PREROUTING -i %i -m conntrack --ctstate NEW -j CONNMARK --set-mark 1
|
||||
PostUp = iptables -t mangle -A PREROUTING -m conntrack --ctdir REPLY -j CONNMARK --restore-mark
|
||||
|
||||
PreDown = iptables -t mangle -D PREROUTING -i %i -m conntrack --ctstate NEW -j CONNMARK --set-mark 1
|
||||
PreDown = iptables -t mangle -D PREROUTING -m conntrack --ctdir REPLY -j CONNMARK --restore-mark
|
||||
PostDown = ip rule del fwmark 1 table 123 priority 455
|
||||
PostDown = ip rule del from 10.10.1.2 table 123 priority 456
|
||||
|
||||
[Peer]
|
||||
PublicKey = r0XaxIE3AVud9Z42UPZF3mwoh2R0B0M1EUDY9cvuyDA=
|
||||
Endpoint = 192.3.44.243:41194
|
||||
AllowedIPs = 10.10.1.0/24
|
||||
AllowedIPs = 0.0.0.0/0
|
||||
PersistentKeepalive = 25
|
||||
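Review bot: Nothing in this section limits what the peer may send once `AllowedIPs` covers `0.0.0.0/0`, which the added `Table = 123` and fwmark rules suggest is the new value (both `AllowedIPs` lines are rendered and the +/- markers are lost, so this is inferred). With that setting the interface accepts packets carrying any source address from the peer, so the host's own filter has to restrict inbound traffic on `%i` to the forwarded mail ports. A comment above `[Peer]` would record that dependency, for example `# 0.0.0.0/0 so forwarded mail keeps its real source address; inbound on this interface is limited to 25/465/587/993 by <firewall role - placeholder>`. The second `PostUp` (`--ctdir REPLY -j CONNMARK --restore-mark`) has no interface match, so it restores the mark on reply-direction packets arriving on every interface. Scoping it, for instance with `! -i %i`, and mirroring that in the matching `PreDown`, keeps it from touching unrelated flows.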
@@ -7,11 +7,13 @@ PreUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to-des
|
||||
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to-destination 10.10.1.2:25
|
||||
PreUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 993 -j DNAT --to-destination 10.10.1.2:993
|
||||
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 993 -j DNAT --to-destination 10.10.1.2:993
|
||||
PreUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 465 -j DNAT --to-destination 10.10.1.2:465
|
||||
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 465 -j DNAT --to-destination 10.10.1.2:465
|
||||
PreUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 587 -j DNAT --to-destination 10.10.1.2:587
|
||||
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 587 -j DNAT --to-destination 10.10.1.2:587
|
||||
|
||||
PreUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE
|
||||
PostDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE
|
||||
#PreUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE
|
||||
#PostDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE
|
||||
|
||||
[Peer]
|
||||
PublicKey = oI69uWkbkwtpuIYxDNGmzg4nRjY1BIZFVFjZwguIvwE=
|
||||
|
||||
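Review bot: The MASQUERADE pair appears both live and commented out at the end of the `[Interface]` hooks. If this commit is what disables it, the disabled lines should be replaced by a comment saying why rather than left as dead configuration, for example `# No MASQUERADE on wg0: 10.10.1.2 must see the real client address; replies come back through its policy-routing table`. Without source NAT, the four DNAT rules are the only thing visible here that bounds what reaches 10.10.1.2, and no FORWARD rule is shown. It is worth confirming that the FORWARD chain admits only `eth0` to `wg0` traffic for ports 25, 465, 587 and 993. The `[Interface]` section begins outside this hunk.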
@@ -24,14 +24,22 @@
|
||||
name: wireguard
|
||||
state: present
|
||||
|
||||
- name: Down wg0
|
||||
changed_when: true
|
||||
ansible.builtin.command: wg-quick down wg0
|
||||
|
||||
- name: Copy wg0.conf
|
||||
ansible.builtin.template:
|
||||
src: wg0.conf.j2
|
||||
dest: /etc/wireguard/wg0.conf
|
||||
mode: '0600'
|
||||
|
||||
- name: Start service
|
||||
ansible.builtin.service:
|
||||
name: wg-quick@wg0
|
||||
state: restarted
|
||||
enabled: true
|
||||
- name: Up wg0
|
||||
changed_when: true
|
||||
ansible.builtin.command: wg-quick up wg0
|
||||
|
||||
# - name: Start service
|
||||
# ansible.builtin.service:
|
||||
# name: wg-quick@wg0
|
||||
# state: restarted
|
||||
# enabled: true
|
||||
|
||||
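Review bot: The `Down wg0` task runs `wg-quick down wg0` unconditionally, which exits non-zero when the interface is not up (first run, or after a reboot) and stops the play before the template is copied. Adding `register: wg_down` and `failed_when: wg_down.rc != 0 and 'is not a WireGuard interface' not in wg_down.stderr` keeps real failures visible. If the commented-out `wg-quick@wg0` service task is the part being retired (the markers are lost, so this is inferred), `enabled: true` goes with it and the tunnel will not return after a reboot unless the unit is enabled elsewhere. Separately, the `Copy wg0.conf` task renders the private key, so `no_log: true` plus an explicit `owner: root` and `group: root` next to `mode: '0600'` would keep the key out of `--diff` output and logs.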