homelab/roles/base/templates/wireguard.j2

# {{ ansible_managed }}

[Interface] # {{ ansible_hostname }}
PrivateKey = {{ wgkey['content'] | b64decode | trim }}
Address = {{ wireguard.address }}
{% if wireguard.listenport is defined %}
ListenPort = {{ wireguard.listenport }}
{% endif %}

{% for peer in wireguard.peers %}
{% if peer.name is defined %}
[Peer] # {{ peer.name }}
{% else %}
[Peer]
{% endif %}
PublicKey = {{ peer.publickey }}
{% if peer.presharedkey is defined %}
PresharedKey = {{ peer.presharedkey }}
{% else %}
{% set preshared_key = (
    wgshared.results
    | selectattr('item.item.name', 'equalto', peer.name)
    | first
  ).content
  | default(none)
%}
{% if preshared_key is not none %}
PresharedKey = {{ preshared_key | b64decode | trim }}
{% endif %}
{% endif %}
{% if peer.endpoint is defined %}
Endpoint = {{ peer.endpoint }}
{% endif %}
AllowedIPs = {{ peer.allowedips }}
{% if peer.keepalive is defined %}
PersistentKeepalive = {{ peer.keepalive }}
{% endif %}

{% endfor %}
Use file-based preshared keys for WireGuard - Include proxy role in standard Docker playbook 2024-10-14 02:27:27 +00:00			`# {{ ansible_managed }}`

			`[Interface] # {{ ansible_hostname }}`
Add WireGuard VPN 2021-05-07 04:24:52 +00:00			`PrivateKey = {{ wgkey['content'] \| b64decode \| trim }}`
			`Address = {{ wireguard.address }}`
			`{% if wireguard.listenport is defined %}`
			`ListenPort = {{ wireguard.listenport }}`
			`{% endif %}`

			`{% for peer in wireguard.peers %}`
Use file-based preshared keys for WireGuard - Include proxy role in standard Docker playbook 2024-10-14 02:27:27 +00:00			`{% if peer.name is defined %}`
			`[Peer] # {{ peer.name }}`
			`{% else %}`
Add WireGuard VPN 2021-05-07 04:24:52 +00:00			`[Peer]`
Use file-based preshared keys for WireGuard - Include proxy role in standard Docker playbook 2024-10-14 02:27:27 +00:00			`{% endif %}`
Add WireGuard VPN 2021-05-07 04:24:52 +00:00			`PublicKey = {{ peer.publickey }}`
Update Samba and WireGuard configuration - Adjust Samba config file permissions to 644 - Introduce PresharedKey option in WireGuard config template 2024-09-11 02:35:20 +00:00			`{% if peer.presharedkey is defined %}`
			`PresharedKey = {{ peer.presharedkey }}`
Use file-based preshared keys for WireGuard - Include proxy role in standard Docker playbook 2024-10-14 02:27:27 +00:00			`{% else %}`
			`{% set preshared_key = (`
			`wgshared.results`
			`\| selectattr('item.item.name', 'equalto', peer.name)`
			`\| first`
			`).content`
			`\| default(none)`
			`%}`
			`{% if preshared_key is not none %}`
			`PresharedKey = {{ preshared_key \| b64decode \| trim }}`
			`{% endif %}`
Update Samba and WireGuard configuration - Adjust Samba config file permissions to 644 - Introduce PresharedKey option in WireGuard config template 2024-09-11 02:35:20 +00:00			`{% endif %}`
Add WireGuard VPN 2021-05-07 04:24:52 +00:00			`{% if peer.endpoint is defined %}`
			`Endpoint = {{ peer.endpoint }}`
			`{% endif %}`
			`AllowedIPs = {{ peer.allowedips }}`
			`{% if peer.keepalive is defined %}`
			`PersistentKeepalive = {{ peer.keepalive }}`
			`{% endif %}`

			`{% endfor %}`