~xenrox/ansible

ref: 01f19ba877d37a2184a052762d4f1af13b678836 ansible/roles/wireguard/templates/wg0.netdev.j2 -rw-r--r-- 676 bytes
# systemd-networkd .netdev definition for the WireGuard interface wg0,
# rendered by Ansible from a Jinja2 template. All key material is read from
# HashiCorp Vault at render time through the community.hashi_vault lookup.
#
# NOTE(review): the rendered file carries PrivateKey= and PresharedKey= in
# clear text. systemd.netdev(5) recommends owner root:systemd-network and
# mode 0640 for a .netdev file that holds keys. The task that deploys this
# template is not visible here - confirm it sets owner/group/mode and keeps
# the rendered content out of task output (no_log / diff: false).
[NetDev]
Name=wg0
Kind=wireguard
Description=WireGuard tunnel wg0

[WireGuard]
# UDP port this host listens on. The Endpoint= lines below use the same
# literal port for the peers, so both values have to be changed together.
ListenPort=51820
# This host's private key, read from the Vault path
# ansible/data/wireguard/<inventory_hostname>.key (field "content").
# The trim filter strips surrounding whitespace from the looked-up value.
# PrivateKeyFile= is the systemd.netdev alternative that keeps the key out
# of this file.
PrivateKey={{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/wireguard/' ~ inventory_hostname ~ '.key:content') | trim }}

# One [WireGuardPeer] section is emitted for every host in the inventory
# group "wireguard" except the host being configured.
# - PublicKey: Vault path ansible/data/wireguard/<peer>.pub
# - PresharedKey: Vault path ansible/data/wireguard/<this host>_<peer>.psk
#   NOTE(review): if the peer is rendered from this same template it reads
#   <peer>_<this host>.psk for the same link. WireGuard needs an identical
#   PSK on both ends, so both Vault entries must hold the same value -
#   verify against how the secrets are provisioned.
# - AllowedIPs: the peer's wireguard_address host variable with /32 appended,
#   so only that single address is accepted from and routed to the peer
#   (presumably a bare IPv4 address without a prefix length - confirm).
# - Endpoint: the peer's inventory name on port 51820; inventory names
#   presumably resolve through DNS or are addresses - confirm.
{% for host in groups['wireguard'] if host != inventory_hostname %}
[WireGuardPeer]
PublicKey={{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/wireguard/' ~ host ~ '.pub:content') | trim }}
PresharedKey={{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/wireguard/' ~ inventory_hostname ~ '_' ~ host ~ '.psk:content') | trim }}
AllowedIPs={{ hostvars[host]['wireguard_address'] }}/32
Endpoint={{ host }}:51820

{% endfor %}