#jinja2: lstrip_blocks:"True",trim_blocks:"True" {# Copyright (C) 2018-2022 Robert Wimmer # SPDX-License-Identifier: GPL-3.0-or-later #} # {{ ansible_managed }} [Interface] # {{ inventory_hostname }} {% if wireguard_address is defined %} Address = {{ wireguard_address }} {% endif %} {% if wireguard_addresses is defined %} {% for wg_addr in wireguard_addresses %} Address = {{ wg_addr }} {% endfor %} {% endif %} PrivateKey = {{ wireguard_private_key }} ListenPort = {{ wireguard_port }} {% if wireguard_dns is defined %} DNS = {{ wireguard_dns }} {% endif %} {% if wireguard_fwmark is defined %} FwMark = {{ wireguard_fwmark }} {% endif %} {% if wireguard_mtu is defined %} MTU = {{ wireguard_mtu }} {% endif %} {% if wireguard_table is defined %} Table = {{ wireguard_table }} {% endif %} {% if wireguard_preup is defined %} {% for wg_preup in wireguard_preup %} PreUp = {{ wg_preup }} {% endfor %} {% endif %} {% if wireguard_postup is defined %} {% for wg_postup in wireguard_postup %} PostUp = {{ wg_postup }} {% endfor %} {% endif %} {% if wireguard_predown is defined %} {% for wg_predown in wireguard_predown %} PreDown = {{ wg_predown }} {% endfor %} {% endif %} {% if wireguard_postdown is defined %} {% for wg_postdown in wireguard_postdown %} PostDown = {{ wg_postdown }} {% endfor %} {% endif %} {% if wireguard_save_config is defined %} SaveConfig = {{ wireguard_save_config }} {% endif %} {% for host in ansible_play_hosts %} {% if host != inventory_hostname %} [Peer] # {{ host }} PublicKey = {{hostvars[host].wireguard__fact_public_key}} {% if hostvars[host].wireguard_allowed_ips is defined %} AllowedIPs = {{hostvars[host].wireguard_allowed_ips}} {% else %} {% if wireguard_address is defined %} AllowedIPs = {{ hostvars[host].wireguard_address.split('/')[0] }}/32 {% endif %} {% if wireguard_addresses is defined %} {% for wg_addr in hostvars[host].wireguard_addresses %} {% if (wg_addr | ansible.utils.ipv4) %} AllowedIPs = {{ wg_addr.split('/')[0] }}/32 {% elif (wg_addr | ansible.utils.ipv6) %} AllowedIPs = {{ wg_addr.split('/')[0] }}/128 {% endif %} {% endfor %} {% endif %} {% endif %} {% if hostvars[host].wireguard_persistent_keepalive is defined %} PersistentKeepalive = {{hostvars[host].wireguard_persistent_keepalive}} {% endif %} {% if ( hostvars[host].wireguard_dc is defined and wireguard_dc is defined and wireguard_dc['name'] != hostvars[host].wireguard_dc['name'] ) %} Endpoint = {{hostvars[host].wireguard_dc['endpoint']}}:{{hostvars[host].wireguard_dc['port']}} {% elif hostvars[host].wireguard_port is defined %} {% if hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %} Endpoint = {{hostvars[host].wireguard_endpoint}}:{{hostvars[host].wireguard_port}} {% else %} Endpoint = {{host}}:{{hostvars[host].wireguard_port}} {% endif %} {% elif hostvars[host].wireguard_endpoint is defined %} {% if hostvars[host].wireguard_endpoint != "" %} Endpoint = {{hostvars[host].wireguard_endpoint}}:{{wireguard_port}} {% else %} # No endpoint defined for this peer {% endif %} {% else %} Endpoint = {{host}}:{{wireguard_port}} {% endif %} {% endif %} {% endfor %} {% if wireguard_unmanaged_peers is defined %} # Peers not managed by Ansible from "wireguard_unmanaged_peers" variable {% for peer in wireguard_unmanaged_peers.keys() %} [Peer] # {{ peer }} PublicKey = {{ wireguard_unmanaged_peers[peer].public_key }} {% if wireguard_unmanaged_peers[peer].preshared_key is defined %} PresharedKey = {{ wireguard_unmanaged_peers[peer].preshared_key }} {% endif %} {% if wireguard_unmanaged_peers[peer].allowed_ips is defined %} AllowedIPs = {{ wireguard_unmanaged_peers[peer].allowed_ips }} {% endif %} {% if wireguard_unmanaged_peers[peer].endpoint is defined %} Endpoint = {{ wireguard_unmanaged_peers[peer].endpoint }} {% endif %} {% if wireguard_unmanaged_peers[peer].persistent_keepalive is defined %} PersistentKeepalive = {{ wireguard_unmanaged_peers[peer].persistent_keepalive }} {% endif %} {% endfor %} {% endif %}