ansible/roles/vpn/templates/wiregard.conf.j2

{{ ansible_managed | comment }}

[Interface]
Address = {{ item.value.ip }}
PrivateKey = {{ item.value.private_key }}
ListenPort = {{ vpn_port }}

{% for peer in item.value.peers %}
[Peer]
{{ peer.comment | comment }}
Publickey = {{ peer.public_key }}
{% if peer.endpoint %}
Endpoint = {{ peer.endpoint }}:{{ vpn_port }}
{% endif %}
AllowedIPs = {{ peer.allowed_ips | join(", ") }}

{% endfor %}
{% if item.value.keepalive %}
PersistentKeepalive = {{ vpn_keepalive_period }}
{% endif %}
write vpn config 2021-04-22 22:51:33 +02:00			`{{ ansible_managed \| comment }}`

			`[Interface]`
fallback to wg-quick because of the clusterfuck of configuration types between the OSs 2021-07-08 00:33:13 +02:00			`Address = {{ item.value.ip }}`
write vpn config 2021-04-22 22:51:33 +02:00			`PrivateKey = {{ item.value.private_key }}`
			`ListenPort = {{ vpn_port }}`

			`{% for peer in item.value.peers %}`
			`[Peer]`
add comment 2021-04-23 00:40:31 +02:00			`{{ peer.comment \| comment }}`
write vpn config 2021-04-22 22:51:33 +02:00			`Publickey = {{ peer.public_key }}`
			`{% if peer.endpoint %}`
tweak the vpn template to route multiples subnets 2021-07-12 02:09:39 +02:00			`Endpoint = {{ peer.endpoint }}:{{ vpn_port }}`
write vpn config 2021-04-22 22:51:33 +02:00			`{% endif %}`
tweak the vpn template to route multiples subnets 2021-07-12 02:09:39 +02:00			`AllowedIPs = {{ peer.allowed_ips \| join(", ") }}`
write vpn config 2021-04-22 22:51:33 +02:00
			`{% endfor %}`
			`{% if item.value.keepalive %}`
			`PersistentKeepalive = {{ vpn_keepalive_period }}`
			`{% endif %}`