Adrien Reslinger
481fdcb32c
Some checks reported errors
continuous-integration/drone/push Build encountered an error
70 lines
2.5 KiB
Django/Jinja
70 lines
2.5 KiB
Django/Jinja
[Interface]
|
|
PrivateKey = {{ wireguard_private_key }}
|
|
Address = {{ wireguard_address }}
|
|
ListenPort = {{ wireguard_port }}
|
|
{% if wireguard_dns is defined %}
|
|
DNS = {{ wireguard_dns }}
|
|
{% endif %}
|
|
{% if wireguard_fwmark is defined %}
|
|
FwMark = {{ wireguard_fwmark }}
|
|
{% endif %}
|
|
{% if wireguard_mtu is defined %}
|
|
MTU = {{ wireguard_mtu }}
|
|
{% endif %}
|
|
{% if wireguard_table is defined %}
|
|
Table = {{ wireguard_table }}
|
|
{% endif %}
|
|
{% if wireguard_preup is defined %}
|
|
{% for wg_preup in wireguard_preup %}
|
|
PreUp = {{ wg_preup }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if wireguard_postup is defined %}
|
|
{% for wg_postup in wireguard_postup %}
|
|
PostUp = {{ wg_postup }}
|
|
{% endfor %}
|
|
{% else %}
|
|
PostUp = firewall-cmd --add-port {{ wireguard_port }}/udp && firewall-cmd --add-masquerade
|
|
{% endif %}
|
|
{% if wireguard_predown is defined %}
|
|
{% for wg_predown in wireguard_predown %}
|
|
PreDown = {{ wg_predown }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if wireguard_postdown is defined %}
|
|
{% for wg_postdown in wireguard_postdown %}
|
|
PostDown = {{ wg_postdown }}
|
|
{% endfor %}
|
|
{% else %}
|
|
PostDown = firewall-cmd --remove-port {{ wireguard_port }}/udp && firewall-cmd --remove-masquerade
|
|
{% endif %}
|
|
{% if wireguard_save_config is defined %}
|
|
SaveConfig = {{ wireguard_save_config }}
|
|
{% endif %}
|
|
{% for host in groups['Vpn'] | difference([inventory_hostname]) %}
|
|
{% if hostvars[host].wireguard_public_key is defined %}
|
|
|
|
[Peer]
|
|
# {{ host }}
|
|
PublicKey = {{ hostvars[host].wireguard_public_key }}
|
|
{% if false %}
|
|
#AllowedIPs = 0.0.0.0/0,::/0
|
|
{% endif %}
|
|
{% if hostvars[host].wireguard_allowed_ips is defined %}
|
|
AllowedIPs = {{ hostvars[host].wireguard_address.split('/')[0] }}/32, {% for wireguard_allowed_ip in hostvars[host].wireguard_allowed_ips %}{{ wireguard_allowed_ip }}{% if not loop.last %}, {% endif %}{% endfor %}
|
|
|
|
{% else %}
|
|
AllowedIPs = {{ hostvars[host].wireguard_address.split('/')[0] }}/32
|
|
{% endif %}
|
|
{% if hostvars[host].wireguard_endpoint_ip is defined and hostvars[host].wireguard_endpoint_port is defined %}
|
|
Endpoint = {{ hostvars[host].wireguard_endpoint_ip }}:{{ hostvars[host].wireguard_endpoint_port }}
|
|
{% elif hostvars[host].wireguard_endpoint_ip is defined %}
|
|
Endpoint = {{ hostvars[host].wireguard_endpoint_ip }}:{{ hostvars[host].wireguard_port }}
|
|
{% else %}
|
|
Endpoint = {{ hostvars[host].ansible_default_ipv4.address }}:{{ wireguard_port }}
|
|
{% endif %}
|
|
{% if hostvars[host].wireguard_persistent_keepalive is defined %}
|
|
PersistentKeepalive = {{ hostvars[host].wireguard_persistent_keepalive }}
|
|
{% endif %}
|
|
{% endif %}
|
|
{% endfor %}
|