diff options
| author | Paul Buetow <paul@buetow.org> | 2026-03-18 22:51:51 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2026-03-18 22:51:51 +0200 |
| commit | b44540cb6aeede82b38e017adef9def5a10ef017 (patch) | |
| tree | 6283aa1774788542904a57340285f666e6e3cb7b | |
| parent | a565099778deff61470c698626dc5af4438ff5f7 (diff) | |
fix FreeBSD /32 mask requirement; add host f3 to mesh configmain
| -rw-r--r-- | wireguardmeshgenerator.rb | 6 | ||||
| -rw-r--r-- | wireguardmeshgenerator.yaml | 18 |
2 files changed, 22 insertions, 2 deletions
diff --git a/wireguardmeshgenerator.rb b/wireguardmeshgenerator.rb index 9ef2228..cb0f819 100644 --- a/wireguardmeshgenerator.rb +++ b/wireguardmeshgenerator.rb @@ -147,8 +147,10 @@ WireguardConfig = Struct.new(:myself, :hosts) do ipv4 = hosts[myself]['wg0']['ip'] ipv6 = hosts[myself]['wg0']['ipv6'] - # FreeBSD wg-quick requires subnet mask on IPv4 address - ipv4_with_mask = hosts[myself]['os'] == 'FreeBSD' ? "#{ipv4}/24" : ipv4 + # FreeBSD 15.0+ requires /32 host mask on IPv4 Address lines (not /24); + # without a prefix, service wireguard start fails with "setting interface + # address without mask is no longer supported" + ipv4_with_mask = hosts[myself]['os'] == 'FreeBSD' ? "#{ipv4}/32" : ipv4 # WireGuard supports multiple Address directives for dual-stack if ipv6 diff --git a/wireguardmeshgenerator.yaml b/wireguardmeshgenerator.yaml index 92dbf9c..c33c301 100644 --- a/wireguardmeshgenerator.yaml +++ b/wireguardmeshgenerator.yaml @@ -54,6 +54,24 @@ hosts: - earth - pixel7pro - freebsd + f3: + os: FreeBSD + ssh: + user: paul + conf_dir: /usr/local/etc/wireguard + sudo_cmd: doas + reload_cmd: service wireguard reload + lan: + domain: 'lan.buetow.org' + ip: '192.168.1.133' + wg0: + domain: 'wg0.wan.buetow.org' + ip: '192.168.2.133' + ipv6: 'fd42:beef:cafe:2::133' + exclude_peers: + - earth + - pixel7pro + - freebsd r0: os: Linux ssh: |