tchivert/ansible-role-wireguard
1
Fork 0
Code Activity
Files
main
ansible-role-wireguard/templates/server.conf.j2
tom.chivert 7310bd9965 add PersistentKeepAlive configuration
2025-06-25 15:09:08 +02:00

22 lines
881 B
Django/Jinja
Raw Permalink Blame History

[Interface]
Address = {{ wireguard_listen_addr }}
ListenPort = {{ wireguard_listen_port }}
PrivateKey = {{ wireguard_private_key }}
{% if wireguard_forwarding is defined %}
PreUp = sysctl -w net.ipv4.ip_forward=1
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o {{ wireguard_forwarding }} -j MASQUERADE
PostUp = iptables -I DOCKER-USER -i %i -o {{ wireguard_forwarding }} -j ACCEPT; iptables -I DOCKER-USER -i {{ wireguard_forwarding }} -o %i -j ACCEPT
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o {{ wireguard_forwarding }} -j MASQUERADE
{% endif %}
{% for user in wireguard_users %}
# {{ user.name }}
[Peer]
PublicKey = {{ user.public_key }}
AllowedIPs = {{ user.address }}
{% if wireguard_persistent_keepalive is defined %}
PersistentKeepAlive = {{ wireguard_persistent_keepalive }}
{% endif %}
{% endfor %}
View Git Blame Copy Permalink