#jinja2: lstrip_blocks:"True",trim_blocks:"True" # {{ ansible_managed }} [Interface] # {{ inventory_hostname }} Address = {{ wireguard_address }} PrivateKey = {{ wireguard__fact_private_key }} ListenPort = {{ wireguard_port }} {% if wireguard_dns is defined %} DNS = {{ wireguard_dns }} {% endif %} {% if wireguard_fwmark is defined %} FwMark = {{ wireguard_fwmark }} {% endif %} {% if wireguard_mtu is defined %} MTU = {{ wireguard_mtu }} {% endif %} {% if wireguard_table is defined %} Table = {{ wireguard_table }} {% endif %} {% if wireguard_preup is defined %} {% for wg_preup in wireguard_preup %} PreUp = {{ wg_preup }} {% endfor %} {% endif %} {% if wireguard_predown is defined %} {% for wg_predown in wireguard_predown %} PreDown = {{ wg_predown }} {% endfor %} {% endif %} {% if wireguard_postup is defined %} {% for wg_postup in wireguard_postup %} PostUp = {{ wg_postup }} {% endfor %} {% endif %} {% if wireguard_postdown is defined %} {% for wg_postdown in wireguard_postdown %} PostDown = {{ wg_postdown }} {% endfor %} {% endif %} {% if wireguard_save_config is defined %} SaveConfig = true {% endif %} {% for host in ansible_play_hosts %} {% if host != inventory_hostname %} [Peer] # {{ host }} PublicKey = {{hostvars[host].wireguard__fact_public_key}} {% if hostvars[host].wireguard_allowed_ips is defined %} AllowedIPs = {{hostvars[host].wireguard_allowed_ips}} {% else %} AllowedIPs = {{ hostvars[host].wireguard_address.split('/')[0] }}/32 {% endif %} {% if hostvars[host].wireguard_persistent_keepalive is defined %} PersistentKeepalive = {{hostvars[host].wireguard_persistent_keepalive}} {% endif %} {% if ( hostvars[host].wireguard_dc is defined and wireguard_dc is defined and wireguard_dc['name'] != hostvars[host].wireguard_dc['name'] ) %} Endpoint = {{hostvars[host].wireguard_dc['endpoint']}}:{{hostvars[host].wireguard_dc['port']}} {% elif hostvars[host].wireguard_port is defined and hostvars[host].wireguard_port is number %} {% if hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %} Endpoint = {{hostvars[host].wireguard_endpoint}}:{{hostvars[host].wireguard_port}} {% else %} Endpoint = {{host}}:{{hostvars[host].wireguard_port}} {% endif %} {% elif hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %} Endpoint = {{hostvars[host].wireguard_endpoint}}:{{wireguard_port}} {% elif hostvars[host].wireguard_endpoint == "" %} # No endpoint defined for this peer {% else %} Endpoint = {{host}}:{{wireguard_port}} {% endif %} {% endif %} {% endfor %} {% if wireguard_unmanaged_peers is defined %} # Peers not managed by Ansible from "wireguard_unmanaged_peers" variable {% for peer in wireguard_unmanaged_peers.keys() %} [Peer] # {{ peer }} PublicKey = {{ wireguard_unmanaged_peers[peer].public_key }} {% if wireguard_unmanaged_peers[peer].preshared_key is defined %} PresharedKey = {{ wireguard_unmanaged_peers[peer].preshared_key }} {% endif %} {% if wireguard_unmanaged_peers[peer].allowed_ips is defined %} AllowedIPs = {{ wireguard_unmanaged_peers[peer].allowed_ips }} {% endif %} {% if wireguard_unmanaged_peers[peer].endpoint is defined %} Endpoint = {{ wireguard_unmanaged_peers[peer].endpoint }} {% endif %} {% if wireguard_unmanaged_peers[peer].persistent_keepalive is defined %} PersistentKeepalive = {{ wireguard_unmanaged_peers[peer].persistent_keepalive }} {% endif %} {% endfor %} {% endif %}