Skip to content

Commit

Permalink
Fix wgkex worker venv permission bug
Browse files Browse the repository at this point in the history
  • Loading branch information
@DasSkelett
DasSkelett committed Mar 12, 2024
1 parent 2f2189b commit fd90dfe
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 5 deletions.
7 changes: 6 additions & 1 deletion wgkex/init.sls
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,28 +15,33 @@ python3-virtualenv:
- rev: main
- target: /srv/wgkex/wgkex
- user: wgkex
- force_reset: True

/srv/wgkex/wgkex/venv:
virtualenv.managed:
- name: /srv/wgkex/wgkex/venv
- requirements: /srv/wgkex/wgkex/requirements.txt
- user: wgkex
- runas: wgkex {# workaround for https://github.com/saltstack/salt/issues/59088 #}

/etc/systemd/system/wgkex.service:
file.managed:
- source: salt://wgkex/wgkex.service

/etc/wgkex.yaml:
file.managed:
- source: salt://wgkex/wgkex.yaml
- source: salt://wgkex/wgkex.yaml.jinja
- template: jinja

wgkex-service:
service.running:
- name: wgkex
- enable: True
- require:
- file: /etc/wgkex.yaml
- git: /srv/wgkex/wgkex
- watch:
- file: /etc/wgkex.yaml
- git: /srv/wgkex/wgkex

{% endif %}
14 changes: 10 additions & 4 deletions wgkex/wgkex.yaml → wgkex/wgkex.yaml.jinja
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
---

# [broker, worker] The domains that should be accepted by clients and for which matching WireGuard interfaces exist
domains:
- ffmuc_augsburg
- ffmuc_freising
Expand All @@ -19,17 +20,22 @@ domains:
- ffdon_sued
- ffwert_city
- ffwert_events
# [broker, worker] The prefix is trimmed from the domain name and replaced with 'wg-' and 'vx-'
# to calculate the WireGuard and VXLAN interface names
domain_prefixes:
- ffmuc_
- ffdon_
- ffwert_
# [worker] The external hostname of this worker
externalName: {{ grains['id'] | regex_replace('in\.ffmuc\.net','ext.ffmuc.net') }}
# [broker, worker] MQTT connection informations
mqtt:
broker_url: broker.ov.ffmuc.net
username:
password:
tls: False
broker_port: 1883
keepalive: 20
domain_prefixes:
- ffmuc_
- ffdon_
- ffwert_
logging_config:
formatters:
standard:
Expand Down

0 comments on commit fd90dfe

Please sign in to comment.