#jinja2: lstrip_blocks:"True",trim_blocks:"True" [Interface] # {{ inventory_hostname }} Address = {{hostvars[inventory_hostname].wireguard_address}} PrivateKey = {{ wireguard__fact_private_key }} ListenPort = {{ wireguard_port }} {% if hostvars[inventory_hostname].wireguard_dns is defined %} DNS = {{hostvars[inventory_hostname].wireguard_dns}} {% endif %} {% if hostvars[inventory_hostname].wireguard_fwmark is defined %} FwMark = {{hostvars[inventory_hostname].wireguard_fwmark}} {% endif %} {% if hostvars[inventory_hostname].wireguard_mtu is defined %} MTU = {{hostvars[inventory_hostname].wireguard_mtu}} {% endif %} {% if hostvars[inventory_hostname].wireguard_table is defined %} Table = {{hostvars[inventory_hostname].wireguard_table}} {% endif %} {% if hostvars[inventory_hostname].wireguard_preup is defined %} {% for wg_preup in hostvars[inventory_hostname].wireguard_preup %} PreUp = {{ wg_preup }} {% endfor %} {% endif %} {% if hostvars[inventory_hostname].wireguard_predown is defined %} {% for wg_predown in hostvars[inventory_hostname].wireguard_predown %} PreDown = {{ wg_predown }} {% endfor %} {% endif %} {% if hostvars[inventory_hostname].wireguard_postup is defined %} {% for wg_postup in hostvars[inventory_hostname].wireguard_postup %} PostUp = {{ wg_postup }} {% endfor %} {% endif %} {% if hostvars[inventory_hostname].wireguard_postdown is defined %} {% for wg_postdown in hostvars[inventory_hostname].wireguard_postdown %} PostDown = {{ wg_postdown }} {% endfor %} {% endif %} {% if hostvars[inventory_hostname].wireguard_save_config is defined %} SaveConfig = true {% endif %} {% for host in ansible_play_hosts %} {% if host != inventory_hostname %} [Peer] # {{ host }} PublicKey = {{hostvars[host].wireguard__fact_public_key}} {% if hostvars[host].wireguard_allowed_ips is defined %} AllowedIPs = {{hostvars[host].wireguard_allowed_ips}} {% else %} AllowedIPs = {{hostvars[host].wireguard_ip}}/32 {% endif %} {% if hostvars[host].wireguard_persistent_keepalive is defined %} PersistentKeepalive = {{hostvars[host].wireguard_persistent_keepalive}} {% endif %} {% if ( hostvars[host].wireguard_dc is defined and hostvars[inventory_hostname].wireguard_dc is defined and hostvars[inventory_hostname].wireguard_dc['name'] != hostvars[host].wireguard_dc['name'] ) %} Endpoint = {{hostvars[host].wireguard_dc['endpoint']}}:{{hostvars[host].wireguard_dc['port']}} {% elif hostvars[host].wireguard_port is defined and hostvars[host].wireguard_port is number %} {% if hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %} Endpoint = {{hostvars[host].wireguard_endpoint}}:{{hostvars[host].wireguard_port}} {% else %} Endpoint = {{host}}:{{hostvars[host].wireguard_port}} {% endif %} {% elif hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %} Endpoint = {{hostvars[host].wireguard_endpoint}}:{{wireguard_port}} {% elif hostvars[host].wireguard_endpoint == "" %} # No endpoint defined for this peer {% else %} Endpoint = {{host}}:{{wireguard_port}} {% endif %} {% endif %} {% endfor %} {% if wireguard_unmanaged_peers is defined %} # Peers not managed by Ansible from "wireguard_unmanaged_peers" variable {% for peer in wireguard_unmanaged_peers.keys() %} [Peer] # {{ peer }} PublicKey = {{ wireguard_unmanaged_peers[peer].public_key }} {% if wireguard_unmanaged_peers[peer].preshared_key is defined %} PresharedKey = {{ wireguard_unmanaged_peers[peer].preshared_key }} {% endif %} {% if wireguard_unmanaged_peers[peer].allowed_ips is defined %} AllowedIPs = {{ wireguard_unmanaged_peers[peer].allowed_ips }} {% endif %} {% if wireguard_unmanaged_peers[peer].endpoint is defined %} Endpoint = {{ wireguard_unmanaged_peers[peer].endpoint }} {% endif %} {% if wireguard_unmanaged_peers[peer].persistent_keepalive is defined %} PersistentKeepalive = {{ wireguard_unmanaged_peers[peer].persistent_keepalive }} {% endif %} {% endfor %} {% endif %}