Open bluepuma77 opened 9 months ago
Hey!
I changed out the bottom 2 commands to this once I get the mesh setup:
```yaml
- name: Use wg-quick to setup
  command: "wg-quick up wg0"
  become: yes
  ignore_errors: yes
- name: Enable wg-quick setup service
  command: "systemctl enable wg-quick@wg0.service"
  become: yes
- name: restart if existing
  command: "systemctl restart wg-quick@wg0.service"
  become: yes
  ignore_errors: yes
```
It's kind of hacky and silly but it works. My understanding is reload wouldn't bring in any new config, just from my limited testing. Restarting does cause latency to spike for a second.
I use this mesh with a more immutable set of nodes which I change infrequently. My primary desire was to get something that doesn't depend on a third party. I use Tailscale/headscale for a more generic private network, which would work better if you are constantly adding/removing nodes. You can run a WireGuard mesh and Tailscale together as well, to have two overlay networks of different node types; that works well.
First of all thanks for the template! 🙂
Currently testing, it seems to throw an error when trying to add a new host to an existing mesh, so when running the playbook again on the old hosts:

Any ideas how this could be circumvented? Some AI suggests to bring `wg0` down first, but maybe a reload would keep the whole mesh and ongoing traffic more stable?

PS: It seems the `wireguard_mask_bits` from inventory is never used.
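
One way to add peers to a running mesh without tearing `wg0` down, as an added example that is not part of the template or of either post above. It assumes the rendered config is at `/etc/wireguard/wg0.conf` and that the installed wireguard-tools provides `wg syncconf` and `wg-quick strip`; the register name `wg0_link` is hypothetical.

```yaml
# Added example: bring wg0 up only where it is missing, otherwise sync the
# running interface to the updated config so existing sessions are kept.
- name: Check whether wg0 already exists
  ansible.builtin.command: ip link show wg0
  register: wg0_link          # hypothetical variable name
  changed_when: false
  failed_when: false          # rc != 0 just means "not created yet"
  become: true

- name: Bring up wg0 on hosts that do not have it yet
  ansible.builtin.command: wg-quick up wg0
  when: wg0_link.rc != 0
  become: true

- name: Apply peer changes to a running wg0 in place
  ansible.builtin.shell: wg syncconf wg0 <(wg-quick strip wg0)
  args:
    executable: /bin/bash     # process substitution requires bash
  when: wg0_link.rc == 0
  become: true

- name: Enable wg-quick@wg0 at boot
  ansible.builtin.systemd:
    name: wg-quick@wg0.service
    enabled: true
  become: true
```

`wg syncconf` only updates WireGuard-level settings (peers, keys, endpoints, AllowedIPs); changes to wg-quick-only fields such as `Address` or `PostUp` still need a down/up cycle. Because each task is conditional, no `ignore_errors` is needed, so a real failure stops the play.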