ansible.fftdf.supernode/roles/21-install-wireguard/templates/wg.conf.j2

#jinja2: lstrip_blocks:"True",trim_blocks:"True"
# {{ ansible_managed }}
# PublicKey: {{ wireguard__register_public_key.stdout }}

[Interface]
# {{ inventory_hostname }}
Address = {{ wireguard_address }}
PrivateKey = {{ wireguard_private_key }}
ListenPort = {{ wireguard_port }}
MTU = 1380

PostUp = ip rule add fwmark 0x4 table 42 && iptables -t mangle -A PREROUTING -s 10.255.0.0/16 ! -d 10.0.0.0/8 -j MARK --set-mark 4 && ip route add default via 172.16.7.1 table 42
PostDown = ip route del default via 172.16.7.1 table 42


{% if wireguard_unmanaged_peers is defined %}
# Peers not managed by Ansible from "wireguard_unmanaged_peers" variable
{% for peer in wireguard_unmanaged_peers.keys() %}
[Peer]
# {{ peer }}
PublicKey = {{ wireguard_unmanaged_peers[peer].public_key }}
{%     if wireguard_unmanaged_peers[peer].preshared_key is defined %}
PresharedKey = {{ wireguard_unmanaged_peers[peer].preshared_key }}
{%     endif %}
{%     if wireguard_unmanaged_peers[peer].allowed_ips is defined %}
AllowedIPs = {{ wireguard_unmanaged_peers[peer].allowed_ips }}
{%     endif %}
{%     if wireguard_unmanaged_peers[peer].endpoint is defined %}
Endpoint = {{ wireguard_unmanaged_peers[peer].endpoint }}
{%     endif %}
{%     if wireguard_unmanaged_peers[peer].persistent_keepalive is defined %}
PersistentKeepalive = {{ wireguard_unmanaged_peers[peer].persistent_keepalive }}
{%     endif %}
{%   endfor %}
{% endif %}
Changed to Wireguard VPN 2022-05-08 19:32:16 +00:00			`#jinja2: lstrip_blocks:"True",trim_blocks:"True"`
			`# {{ ansible_managed }}`
			`# PublicKey: {{ wireguard__register_public_key.stdout }}`

			`[Interface]`
			`# {{ inventory_hostname }}`
			`Address = {{ wireguard_address }}`
			`PrivateKey = {{ wireguard_private_key }}`
			`ListenPort = {{ wireguard_port }}`
Running Config with MTU Setup 2023-03-24 18:34:41 +00:00			`MTU = 1380`
Changed to Wireguard VPN 2022-05-08 19:32:16 +00:00
add route in table 42 2023-03-02 20:45:46 +00:00			`PostUp = ip rule add fwmark 0x4 table 42 && iptables -t mangle -A PREROUTING -s 10.255.0.0/16 ! -d 10.0.0.0/8 -j MARK --set-mark 4 && ip route add default via 172.16.7.1 table 42`
Running Config with MTU Setup 2023-03-24 18:34:41 +00:00			`PostDown = ip route del default via 172.16.7.1 table 42`
IPv6 config 2023-03-02 19:25:22 +00:00
Changed to Wireguard VPN 2022-05-08 19:32:16 +00:00
			`{% if wireguard_unmanaged_peers is defined %}`
			`# Peers not managed by Ansible from "wireguard_unmanaged_peers" variable`
			`{% for peer in wireguard_unmanaged_peers.keys() %}`
			`[Peer]`
			`# {{ peer }}`
			`PublicKey = {{ wireguard_unmanaged_peers[peer].public_key }}`
			`{% if wireguard_unmanaged_peers[peer].preshared_key is defined %}`
			`PresharedKey = {{ wireguard_unmanaged_peers[peer].preshared_key }}`
			`{% endif %}`
			`{% if wireguard_unmanaged_peers[peer].allowed_ips is defined %}`
			`AllowedIPs = {{ wireguard_unmanaged_peers[peer].allowed_ips }}`
			`{% endif %}`
			`{% if wireguard_unmanaged_peers[peer].endpoint is defined %}`
			`Endpoint = {{ wireguard_unmanaged_peers[peer].endpoint }}`
			`{% endif %}`
			`{% if wireguard_unmanaged_peers[peer].persistent_keepalive is defined %}`
			`PersistentKeepalive = {{ wireguard_unmanaged_peers[peer].persistent_keepalive }}`
			`{% endif %}`
			`{% endfor %}`
			`{% endif %}`