serverctl/infrastructure/create-resources/ansible/roles/wireguard/mesh/templates/systemd.netdev

[NetDev]
Name=wg0
Kind=wireguard
Description=WireGuard tunnel wg0

[WireGuard]
ListenPort={{ wireguard_port }}
PrivateKey={{ wireguard_private_key.stdout }}

{% for peer in groups['serverctl_cluster'] %}
{% if peer != inventory_hostname %}

[WireGuardPeer]
PublicKey={{ hostvars[peer].wireguard_public_key.stdout }}
PresharedKey={{ wireguard_preshared_keys[peer] if inventory_hostname < peer else hostvars[peer].wireguard_preshared_keys[inventory_hostname] }}
AllowedIPs={{ hostvars[peer].wireguard_ip }}/32
Endpoint={{ hostvars[peer].ansible_host }}:{{ wireguard_port }}
PersistentKeepalive=25
{% endif %}
{% endfor %}
Add wireguard 2022-02-24 13:57:19 +01:00			`[NetDev]`
			`Name=wg0`
			`Kind=wireguard`
			`Description=WireGuard tunnel wg0`

			`[WireGuard]`
			`ListenPort={{ wireguard_port }}`
			`PrivateKey={{ wireguard_private_key.stdout }}`

Merged configs 2022-02-24 14:03:42 +01:00			`{% for peer in groups['serverctl_cluster'] %}`
Add wireguard 2022-02-24 13:57:19 +01:00			`{% if peer != inventory_hostname %}`

			`[WireGuardPeer]`
			`PublicKey={{ hostvars[peer].wireguard_public_key.stdout }}`
			`PresharedKey={{ wireguard_preshared_keys[peer] if inventory_hostname < peer else hostvars[peer].wireguard_preshared_keys[inventory_hostname] }}`
			`AllowedIPs={{ hostvars[peer].wireguard_ip }}/32`
			`Endpoint={{ hostvars[peer].ansible_host }}:{{ wireguard_port }}`
			`PersistentKeepalive=25`
			`{% endif %}`
			`{% endfor %}`