#jinja2: lstrip_blocks:"True",trim_blocks:"True" # {{ ansible_managed }} # PublicKey: {{ wireguard__register_public_key.stdout }} [Interface] # {{ inventory_hostname }} Address = {{ wireguard_address }} PrivateKey = {{ wireguard_private_key }} ListenPort = {{ wireguard_port }} MTU = 1355 PostUp = ip rule add fwmark 0x4 table 42 && iptables -t mangle -A PREROUTING -s 10.255.0.0/16 ! -d 10.0.0.0/8 -j MARK --set-mark 4 && ip route add default via 172.16.7.1 table 42 {% if wireguard_unmanaged_peers is defined %} # Peers not managed by Ansible from "wireguard_unmanaged_peers" variable {% for peer in wireguard_unmanaged_peers.keys() %} [Peer] # {{ peer }} PublicKey = {{ wireguard_unmanaged_peers[peer].public_key }} {% if wireguard_unmanaged_peers[peer].preshared_key is defined %} PresharedKey = {{ wireguard_unmanaged_peers[peer].preshared_key }} {% endif %} {% if wireguard_unmanaged_peers[peer].allowed_ips is defined %} AllowedIPs = {{ wireguard_unmanaged_peers[peer].allowed_ips }} {% endif %} {% if wireguard_unmanaged_peers[peer].endpoint is defined %} Endpoint = {{ wireguard_unmanaged_peers[peer].endpoint }} {% endif %} {% if wireguard_unmanaged_peers[peer].persistent_keepalive is defined %} PersistentKeepalive = {{ wireguard_unmanaged_peers[peer].persistent_keepalive }} {% endif %} {% endfor %} {% endif %}