1
0
Fork 0
This repository has been archived on 2020-08-04. You can view files and clone it, but cannot push or open issues or pull requests.
ansible-role-wireguard/templates/wg.conf.j2
2020-04-04 15:34:03 -04:00

80 lines
3 KiB
Django/Jinja

#jinja2: lstrip_blocks:"True",trim_blocks:"True"
[Interface]
# {{ inventory_hostname }}
Address = {{hostvars[inventory_hostname].wireguard_address}}
PrivateKey = {{private_key}}
ListenPort = {{wireguard_port}}
{% if hostvars[inventory_hostname].wireguard_dns is defined %}
DNS = {{hostvars[inventory_hostname].wireguard_dns}}
{% endif %}
{% if hostvars[inventory_hostname].wireguard_fwmark is defined %}
FwMark = {{hostvars[inventory_hostname].wireguard_fwmark}}
{% endif %}
{% if hostvars[inventory_hostname].wireguard_mtu is defined %}
MTU = {{hostvars[inventory_hostname].wireguard_mtu}}
{% endif %}
{% if hostvars[inventory_hostname].wireguard_table is defined %}
Table = {{hostvars[inventory_hostname].wireguard_table}}
{% endif %}
{% if hostvars[inventory_hostname].wireguard_preup is defined %}
{% for wg_preup in hostvars[inventory_hostname].wireguard_preup %}
PreUp = {{ wg_preup }}
{% endfor %}
{% endif %}
{% if hostvars[inventory_hostname].wireguard_predown is defined %}
{% for wg_predown in hostvars[inventory_hostname].wireguard_predown %}
PreDown = {{ wg_predown }}
{% endfor %}
{% endif %}
{% if hostvars[inventory_hostname].wireguard_postup is defined %}
{% for wg_postup in hostvars[inventory_hostname].wireguard_postup %}
PostUp = {{ wg_postup }}
{% endfor %}
{% endif %}
{% if hostvars[inventory_hostname].wireguard_postdown is defined %}
{% for wg_postdown in hostvars[inventory_hostname].wireguard_postdown %}
PostDown = {{ wg_postdown }}
{% endfor %}
{% endif %}
{% if hostvars[inventory_hostname].wireguard_save_config is defined %}
SaveConfig = true
{% endif %}
{% for host in ansible_play_hosts %}
{% if host != inventory_hostname %}
[Peer]
# {{ host }}
PublicKey = {{hostvars[host].public_key}}
{% if hostvars[host].wireguard_allowed_ips is defined %}
AllowedIPs = {{hostvars[host].wireguard_allowed_ips}}
{% else %}
AllowedIPs = {{hostvars[host].wireguard_ip}}/32
{% endif %}
{% if hostvars[host].wireguard_persistent_keepalive is defined %}
PersistentKeepalive = {{hostvars[host].wireguard_persistent_keepalive}}
{% endif %}
{% if hostvars[host].wireguard_port is defined and hostvars[host].wireguard_port is number %}
{% if hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %}
Endpoint = {{hostvars[host].wireguard_endpoint}}:{{hostvars[host].wireguard_port}}
{% else %}
Endpoint = {{host}}:{{hostvars[host].wireguard_port}}
{% endif %}
{% elif hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %}
Endpoint = {{hostvars[host].wireguard_endpoint}}:{{wireguard_port}}
{% elif hostvars[host].wireguard_endpoint == "" %}
# No endpoint defined for this peer
{% else %}
Endpoint = {{host}}:{{wireguard_port}}
{% endif %}
{% endif %}
{% endfor %}
{% if wireguard_unmanaged_hosts is defined %}
{% for hostdata in uh_public_key.results %}
[Peer]
# {{ hostdata.item.host }}
PublicKey = {{ hostdata.stdout }}
AllowedIPs = {{ hostdata.item.allowed_ips}}
{% endfor %}
{% endif %}