tobias/infrastructure
1
0
Fork 0
Code Issues 5 Pull Requests Projects Activity
5a8416fcdf
infrastructure/coreos-config/plays/services/wireguard/wg0.conf

25 lines
898 B
Plaintext
Raw Normal View History

Initial Signed-off-by: Tobias Manske <tobias.manske@mailbox.org>
2022-06-18 14:12:12 +02:00
[Interface]
Wireguard: More Peer Config
2023-03-05 04:26:29 +01:00
{% for addr in wireguard.cidr %}
Address = {{ addr }}
{% endfor %}
Initial Signed-off-by: Tobias Manske <tobias.manske@mailbox.org>
2022-06-18 14:12:12 +02:00
MTU = 1420
SaveConfig = true
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
Wireguard: More Peer Config
2023-03-05 04:26:29 +01:00
ListenPort = {{ wireguard.port }}
Initial Signed-off-by: Tobias Manske <tobias.manske@mailbox.org>
2022-06-18 14:12:12 +02:00
PrivateKey = {{ wireguard.private_key }}
{% for peer in wireguard_peers %}
# Peer: {{ peer.name }}
[Peer]
PublicKey = {{ peer.pubkey }}
AllowedIPs = {{ peer.allowedips | join(", ") }}
Wireguard: More Peer Config
2023-03-05 04:26:29 +01:00
{% if peer.endpoint is defined %}
Endpoint = {{ peer.endpoint }}
{% endif %}
{% if peer.keepalive is defined %}
PersistentKeepalive = {{ peer.keepalive }}
{% endif %}
Initial Signed-off-by: Tobias Manske <tobias.manske@mailbox.org>
2022-06-18 14:12:12 +02:00
{% endfor %}
Reference in New Issue Copy Permalink