wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-06-07 15:43:54 +02:00
Code Issues Projects Releases Wiki Activity

Allow more users (#1895)

Browse source
This commit is contained in:
David Myers 2020-10-31 13:26:12 -04:00 committed by GitHub
parent a1d39aecf5
commit b5bb64d07a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 9 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
config.cfg
View file

@ -1,10 +1,10 @@
--- ---
# This is the list of users to generate. # This is the list of users to generate.
# Every device must have a unique username. # Every device must have a unique user.
# You can generate up to 250 users at one time. # You can add up to 65,534 new users over the lifetime of an AlgoVPN.
# Usernames with leading 0's or containing only numbers should be escaped in double quotes, e.g. "000dan" or "123". # User names with leading 0's or containing only numbers should be escaped in double quotes, e.g. "000dan" or "123".
# Emails are not allowed # Email addresses are not allowed.
users: users:
- phone - phone
- laptop - laptop
@ -114,7 +114,7 @@ strongswan_log_level: 2
# rightsourceip for ipsec # rightsourceip for ipsec
# ipv4 # ipv4
strongswan_network: 10.19.48.0/24 strongswan_network: 10.48.0.0/16
# ipv6 # ipv6
strongswan_network_ipv6: '2001:db8:4160::/48' strongswan_network_ipv6: '2001:db8:4160::/48'
@ -124,7 +124,7 @@ strongswan_network_ipv6: '2001:db8:4160::/48'
wireguard_PersistentKeepalive: 0 wireguard_PersistentKeepalive: 0
# WireGuard network configuration # WireGuard network configuration
wireguard_network_ipv4: 10.19.49.0/24 wireguard_network_ipv4: 10.49.0.0/16
wireguard_network_ipv6: 2001:db8:a160::/48 wireguard_network_ipv6: 2001:db8:a160::/48
# Randomly generated IP address for the local dns resolver # Randomly generated IP address for the local dns resolver

4
roles/wireguard/defaults/main.yml
View file

@ -13,8 +13,8 @@ wireguard_dns_servers: >-
{% for host in dns_servers.ipv4 %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}{% if ipv6_support %},{% for host in dns_servers.ipv6 %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}{% endif %} {% for host in dns_servers.ipv4 %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}{% if ipv6_support %},{% for host in dns_servers.ipv6 %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}{% endif %}
{% endif %} {% endif %}
wireguard_client_ip: >- wireguard_client_ip: >-
{{ wireguard_network_ipv4 | ipaddr(index|int+2) }} {{ wireguard_network_ipv4 | ipmath(index|int+2) }}
{{ ',' + wireguard_network_ipv6 | ipaddr(index|int+2) if ipv6_support else '' }} {{ ',' + wireguard_network_ipv6 | ipmath(index|int+2) if ipv6_support else '' }}
wireguard_server_ip: >- wireguard_server_ip: >-
{{ wireguard_network_ipv4 | ipaddr('1') }} {{ wireguard_network_ipv4 | ipaddr('1') }}
{{ ',' + wireguard_network_ipv6 | ipaddr('1') if ipv6_support else '' }} {{ ',' + wireguard_network_ipv6 | ipaddr('1') if ipv6_support else '' }}

2
roles/wireguard/templates/server.conf.j2
View file

@ -12,6 +12,6 @@ SaveConfig = false
# {{ u }} # {{ u }}
PublicKey = {{ lookup('file', wireguard_pki_path + '/public/' + u) }} PublicKey = {{ lookup('file', wireguard_pki_path + '/public/' + u) }}
PresharedKey = {{ lookup('file', wireguard_pki_path + '/preshared/' + u) }} PresharedKey = {{ lookup('file', wireguard_pki_path + '/preshared/' + u) }}
AllowedIPs = {{ wireguard_network_ipv4 | ipaddr(index|int+1) | ipv4('address') }}/32{{ ',' + wireguard_network_ipv6 | ipaddr(index|int+1) | ipv6('address') + '/128' if ipv6_support else '' }} AllowedIPs = {{ wireguard_network_ipv4 | ipmath(index|int+1) | ipv4('address') }}/32{{ ',' + wireguard_network_ipv6 | ipmath(index|int+1) | ipv6('address') + '/128' if ipv6_support else '' }}
{% endif %} {% endif %}
{% endfor %} {% endfor %}