25 lines
898 B
Plaintext
25 lines
898 B
Plaintext
[Interface]
|
|
{% for addr in wireguard.cidr %}
|
|
Address = {{ addr }}
|
|
{% endfor %}
|
|
MTU = 1420
|
|
SaveConfig = true
|
|
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
|
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
|
ListenPort = {{ wireguard.port }}
|
|
PrivateKey = {{ wireguard.private_key }}
|
|
|
|
{% for peer in wireguard_peers %}
|
|
# Peer: {{ peer.name }}
|
|
[Peer]
|
|
PublicKey = {{ peer.pubkey }}
|
|
AllowedIPs = {{ peer.allowedips | join(", ") }}
|
|
{% if peer.endpoint is defined %}
|
|
Endpoint = {{ peer.endpoint }}
|
|
{% endif %}
|
|
{% if peer.keepalive is defined %}
|
|
PersistentKeepalive = {{ peer.keepalive }}
|
|
{% endif %}
|
|
|
|
{% endfor %}
|