role_wireguard/templates/wgN.j2


{#-
  WireGuard interface configuration: one [Interface] section followed by one
  [Peer] section per entry in wireguard_peers.

  Key material
  - When wireguard_openbao_mount is non-empty, the interface private key is read
    with the community.hashi_vault.vault_kv2_get lookup from the path
    <inventory_hostname>/<ansible_role_name>/<inventory_hostname>, field
    'privatekey'. Otherwise wireguard_interface_privatekey is used as given.
  - NOTE(review): wireguard_openbao_mount is only tested for length here and is
    not passed to the lookup. Confirm the KV mount (the lookup's
    engine_mount_point option) is configured elsewhere.
  - The rendered file holds the private key in clear text. The task that renders
    this template is not visible here; confirm it sets a restrictive owner and
    mode on the destination and keeps the key out of task output and --diff
    (for example with no_log: true).

  Whitespace
  - NOTE(review): the rendered layout depends on the trim_blocks setting of the
    task. With trim_blocks enabled, the newline after the '{%- endif %}' that
    precedes [Interface] is removed, which would appear to place [Interface] on
    the ansible_managed comment line, and the 'if not loop.last' block at the
    end of the loop would render nothing. Verify against a rendered file.
-#}
# {{ ansible_managed }}
{%- if wireguard_openbao_mount | length > 0 %}
{%- set openbao_path = [inventory_hostname, ansible_role_name, inventory_hostname] | join('/') %}
{%- set privatekey = lookup('community.hashi_vault.vault_kv2_get', openbao_path)['data']['data']['privatekey'] %}
{%- else %}
{%- set privatekey = wireguard_interface_privatekey %}
{%- endif %}
[Interface]
Address = {{ wireguard_interface_addresses | join(', ') }}
ListenPort = {{ wireguard_interface_listen_port }}
PrivateKey = {{ privatekey }}
{% for peer in wireguard_peers -%}
{#-
  Per-peer section. With OpenBao enabled, the peer public key is read from
  <inventory_hostname>/<ansible_role_name>/<peer.name>, field 'publickey';
  otherwise peer.publickey is used. Endpoint and PersistentKeepalive are only
  written when the peer defines them.

  peer.name, peer.allowed_ips, peer.endpoint and peer.persistent_keepalive are
  written verbatim, and peer.name is also a segment of the lookup path. A value
  containing a newline would add lines to the rendered config, so these values
  should be validated where they are defined.
-#}
{% if wireguard_openbao_mount | length > 0 -%}
{% set openbao_path = [inventory_hostname, ansible_role_name, peer.name] | join('/') -%}
{% set publickey = lookup('community.hashi_vault.vault_kv2_get', openbao_path)['data']['data']['publickey'] -%}
{% else -%}
{% set publickey = peer.publickey -%}
{% endif -%}
[Peer]
# {{ peer.name }}
AllowedIPs = {{ peer.allowed_ips | join(', ') }}
{% if peer.endpoint is defined %}
Endpoint = {{ peer.endpoint }}
{% endif %}
{% if peer.persistent_keepalive is defined %}
PersistentKeepalive = {{ peer.persistent_keepalive }}
{% endif %}
PublicKey = {{ publickey }}
{% if not loop.last %}
{% endif %}
{% endfor %}