playbooks/roles/wireguard-mesh/templates/mmtmesh.conf.j2


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

[Interface]
Address={{ wireguard_node_ips[inventory_hostname] }}/32
SaveConfig=true
ListenPort={{ wireguard_listen_port }}
PrivateKey={{ wireguard_private_key.stdout }}

{% for peer in groups['wireguard-mesh'] %}
{% if peer != inventory_hostname %}

[Peer]
PublicKey={{ hostvars[peer].wireguard_public_key.stdout }}
PresharedKey={{ wireguard_preshared_keys[peer] if inventory_hostname < peer else hostvars[peer].wireguard_preshared_keys[inventory_hostname] }}
AllowedIPs={{ wireguard_node_ips[peer] }}/32
Endpoint={{ peer | replace('.int.', '.pub.') }}:{{ wireguard_listen_port }}

{% endif %}
{% endfor %}