From 410b448e37cfe3ae12db81a0b3a73e54fbe099a7 Mon Sep 17 00:00:00 2001
From: Adrien Reslinger
Date: Wed, 7 Sep 2022 12:40:32 +0200
Subject: [PATCH] Update wireguard template
---
 defaults/main.yml | 1 +
 templates/etc/wireguard/wireguard.conf.j2 | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/defaults/main.yml b/defaults/main.yml
index c251e33..069fe49 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -15,5 +15,6 @@ wireguard_persistent_keepalive: 20
 wireguard_save_config: true
 # wireguard_endpoint_port: "51820"
 # wireguard_endpoint_ip: "x.x.x.x"
+# wireguard_allowed_ips: []
 skip_conf: false
diff --git a/templates/etc/wireguard/wireguard.conf.j2 b/templates/etc/wireguard/wireguard.conf.j2
index 73d1e6c..620626d 100644
--- a/templates/etc/wireguard/wireguard.conf.j2
+++ b/templates/etc/wireguard/wireguard.conf.j2
@@ -49,7 +49,8 @@ SaveConfig = {{ wireguard_save_config }}
 PublicKey = {{ hostvars[host].wireguard_public_key }}
 #AllowedIPs = 0.0.0.0/0,::/0
 {% if hostvars[host].wireguard_allowed_ips is defined %}
-AllowedIPs = {{hostvars[host].wireguard_allowed_ips}}
+AllowedIPs = {{ hostvars[host].wireguard_address.split('/')[0] }}/32, {% for wireguard_allowed_ip in hostvars[host].wireguard_allowed_ips %}{{ wireguard_allowed_ip }}{% if not loop.last %}, {% endif %}{% endfor %}
+
 {% else %}
 AllowedIPs = {{ hostvars[host].wireguard_address.split('/')[0] }}/32
 {% endif %}
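Review bot: The new `AllowedIPs` line in `wireguard.conf.j2` iterates `hostvars[host].wireguard_allowed_ips`, so an inventory that still sets it as a comma-separated string (which the removed line rendered verbatim) is now walked character by character, and an empty list, the value the new comment in `defaults/main.yml` shows, leaves a dangling `, ` after the /32 entry. Building one list and joining it avoids both cases: `AllowedIPs = {{ ([hostvars[host].wireguard_address.split('/')[0] ~ '/32'] + hostvars[host].wireguard_allowed_ips) | join(', ') }}`, preferably behind a check that the variable `is not string`. Because AllowedIPs also acts as the per-peer source-address filter, I would add a template comment above it such as `{# each entry widens what this peer may send from; keep ranges narrow and non-overlapping between peers #}`. The added empty `+` line will probably show up in the rendered config unless whitespace trimming removes it, and the peer block this hunk sits in starts outside the hunk.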