diff options
| author | binary <me@rgoncalves.se> | 2020-11-12 14:29:49 +0100 |
|---|---|---|
| committer | binary <me@rgoncalves.se> | 2020-11-12 14:29:49 +0100 |
| commit | b419094cda74405eb4cbb8b7031b53cd2f347566 (patch) | |
| tree | e3e6de54517612ebc96a6d3804848637562103a4 /roles/wireguard/templates/dcontroller.conf.j2 | |
| parent | 9007e995ed14f92af8fe57fbe9ced0047d2a5634 (diff) | |
| download | infrastructure-b419094cda74405eb4cbb8b7031b53cd2f347566.tar.gz | |
Refactor and cleanup old roles
Diffstat (limited to 'roles/wireguard/templates/dcontroller.conf.j2')
| -rw-r--r-- | roles/wireguard/templates/dcontroller.conf.j2 | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/roles/wireguard/templates/dcontroller.conf.j2 b/roles/wireguard/templates/dcontroller.conf.j2 new file mode 100644 index 0000000..c1fd887 --- /dev/null +++ b/roles/wireguard/templates/dcontroller.conf.j2 @@ -0,0 +1,19 @@ + +# wireguard client configuration ~~ /etc/wireguard/*.conf +# managed by Ansible +{% set dcontroller_keys = lookup("file", wg_dcontroller_keys).splitlines() %} + +[Interface] +#Address = {{ ip.in }}, fd00::1/128 +ListenPort = 53 +PrivateKey = {{ dcontroller_keys[0] }} + +{% for host in groups["all"] if hostvars[host].ansible_host != _i.dcontroller %} +{% set host = hostvars[host] %} +{% set host_keys = lookup("file", wg_dir + "/" + host.ansible_host + ".keys").splitlines() %} +# {{ host.ansible_host }} +[Peer] +PublicKey = {{ host_keys[1] }} +AllowedIPs = {{ host.ip.in }}/32, fd00:10:10::{{ host.ip.in.split('.')[3] }}/128 + +{% endfor %} |