Skip to content

spacedog/puppet-wireguard

Repository files navigation

Puppet-wireguard Build Status

Table of Contents

Classes

  • wireguard: Wireguard class manages wireguard - an open-source software application and protocol that implements virtual private network techniques to create secure point-to-point connections in routed or bridged configurations.
  • wireguard::config: Class configures files and directories for wireguard
  • wireguard::install: Class installs wireguard packages and sets yum repository
  • wireguard::params: Class that contains OS specific parameters for other classes

Defined types

Classes

wireguard

Wireguard class manages wireguard - an open-source software application and protocol that implements virtual private network techniques to create secure point-to-point connections in routed or bridged configurations.

Parameters

The following parameters are available in the wireguard class.

package_name

Data type: Variant[Array, String]

Name the package(s) that installs wireguard

Default value: $wireguard::params::package_name

repo_url

Data type: String

URL of wireguard repo

Default value: $wireguard::params::repo_url

manage_repo

Data type: Boolean

Should class manage yum repo

Default value: $wireguard::params::manage_repo

manage_package

Data type: Boolean

Should class install package(s)

Default value: $wireguard::params::manage_package

package_ensure

Data type: Variant[Boolean, Enum['installed','latest','present']]

Set state of the package

Default value: 'installed'

config_dir

Data type: Stdlib::Absolutepath

Path to wireguard configuration files

Default value: $wireguard::params::config_dir

config_dir_mode

Data type: String

The config_dir access mode bits

Default value: $wireguard::params::config_dir_mode

interfaces

Data type: Optional[Hash]

Define wireguard interfaces

Default value: {}

wireguard::config

Class configures files and directories for wireguard

Parameters

The following parameters are available in the wireguard::config class.

config_dir

Data type: Stdlib::Absolutepath

Path to wireguard configuration files

config_dir_mode

Data type: String

The config_dir access mode bits

wireguard::install

Class installs wireguard packages and sets yum repository

Parameters

The following parameters are available in the wireguard::install class.

package_name

Data type: Variant[Array, String]

Name the package(s) that installs wireguard

repo_url

Data type: String

URL of wireguard repo

manage_repo

Data type: Boolean

Should class manage yum repo

manage_package

Data type: Boolean

Should class install package(s)

package_ensure

Data type: Variant[Boolean, Enum['installed','latest','present']]

Set state of the package

wireguard::params

Class that contains OS specific parameters for other classes

Defined types

wireguard::interface

Defines wireguard tunnel interfaces

Parameters

The following parameters are available in the wireguard::interface defined type.

private_key

Data type: String

Private key for data encryption

listen_port

Data type: Integer[1,65535]

The port to listen

ensure

Data type: Enum['present','absent']

State of the interface

Default value: 'present'

address

Data type: Optional[Variant[Array,String]]

List of IP (v4 or v6) addresses (optionally with CIDR masks) to be assigned to the interface.

Default value: undef

mtu

Data type: Optional[Integer[1,9202]]

Set MTU for the wireguard interface

Default value: undef

preup

Data type: Optional[Variant[Array,String]]

List of commands to run before the interface is brought up

Default value: undef

postup

Data type: Optional[Variant[Array,String]]

List of commands to run after the interface is brought up

Default value: undef

predown

Data type: Optional[Variant[Array,String]]

List of commands to run before the interface is taken down

Default value: undef

postdown

Data type: Optional[Variant[Array,String]]

List of commands to run after the interface is taken down

Default value: undef

peers

Data type: Optional[Array[Struct[ { 'PublicKey' => String, 'AllowedIPs' => Optional[String], 'Endpoint' => Optional[String], 'PersistentKeepalive' => Optional[Integer], 'PresharedKey' => Optional[String], 'Comment' => Optional[String], } ]]]

List of peers for wireguard interface

Default value: []

dns

Data type: Optional[String]

List of IP (v4 or v6) addresses of DNS servers to use

Default value: undef

saveconfig

Data type: Boolean

save current state of the interface upon shutdown

Default value: true

config_dir

Data type: Stdlib::Absolutepath

Path to wireguard configuration files

Default value: '/etc/wireguard'