SSE-Lab/ansible/playbooks/roles/wireguard_server/templates/wireguard_server.jinja


# templates/wireguard_server.jinja - WireGuard server configuration (wg-quick format)
# Managed by Ansible - do not edit manually
# The rendered file contains the server private key: deploy it owned by root with
# mode 0600, and keep the key out of task output (no_log, diff disabled).
[Interface]
Address = {{ wg_server_address }}
ListenPort = {{ wg_port }}
# .stdout suggests a registered command result.
# NOTE(review): confirm the task that registers it sets no_log.
PrivateKey = {{ wg_server_private_key.stdout }}
# IP forwarding (IPv4 only; enabled at start-up and not reverted by PostDown)
PreUp = sysctl -w net.ipv4.ip_forward=1
# IP masquerading: mark packets arriving on the tunnel with 0x30, then source-NAT
# marked packets that leave through any other interface (IPv4 only, no ip6tables).
# NOTE(review): no filter/FORWARD rules are added here, so which destinations peers
# can reach depends on the host's existing FORWARD policy - confirm it is restrictive.
# NOTE(review): these rules are appended before the interface is created; if bring-up
# fails afterwards PostDown may not run and the rules stay behind - verify on the target.
# NOTE(review): 0x30 is assumed unused by other firewall rules on the host - confirm.
PreUp = iptables -t mangle -A PREROUTING -i {{wg_interface}} -j MARK --set-mark 0x30
PreUp = iptables -t nat -A POSTROUTING ! -o {{wg_interface}} -m mark --mark 0x30 -j MASQUERADE
# Remove the same two rules when the interface goes down.
PostDown = iptables -t mangle -D PREROUTING -i {{wg_interface}} -j MARK --set-mark 0x30
PostDown = iptables -t nat -D POSTROUTING ! -o {{wg_interface}} -m mark --mark 0x30 -j MASQUERADE
# One [Peer] section per wg_peers entry. AllowedIPs also acts as the source-address
# filter for that peer, so allowedIP should be the peer's own tunnel address(es)
# rather than a wide range. PersistentKeepalive is emitted only when the peer sets it.
{% for peer in wg_peers %}
# {{ peer.name }}
[Peer]
PublicKey = {{ peer.publicKey }}
AllowedIPs = {{ peer.allowedIP }}
{% if peer.persistent_keepalive is defined %}
PersistentKeepalive = {{ peer.persistent_keepalive }}
{% endif %}
{% endfor %}