ansible-edda/playbooks/vpn/roles/bridge/templates/br0.j2

27 lines
918 B
Django/Jinja

auto br0
iface br0 inet static
pre-up /usr/local/sbin/ip-link-add.sh $IFACE type bridge
post-up /usr/local/sbin/post-up-$IFACE-inet.nft
post-up /usr/local/sbin/post-up-$IFACE-ipv4.nft
{% if vpn_wireguard_role == "client" %}
post-up ip rule add dev $IFACE table {{ vpn_wireguard_routing_table }}
post-up ip rule add dev $IFACE to {{ local_network }} table main priority 1
{% endif %}
{% if vpn_wireguard_role == "client" %}
pre-down ip rule del dev $IFACE to {{ local_network }} table main priority 1
pre-down ip rule del dev $IFACE table {{ vpn_wireguard_routing_table }}
{% endif %}
pre-down /usr/local/sbin/pre-down-$IFACE-ipv4.nft
pre-down /usr/local/sbin/pre-down-$IFACE-inet.nft
bridge_stp off
bridge_waitport 0
bridge_fd 0
bridge_ports none
address {{ vpn_bridge_address }}
broadcast {{ vpn_bridge_broadcast }}
netmask {{ vpn_bridge_netmask }}