]> git.openstreetmap.org Git - chef.git/blob - cookbooks/networking/templates/default/wireguard.netdev.erb
Centralise enablement of backports
[chef.git] / cookbooks / networking / templates / default / wireguard.netdev.erb
1 [NetDev]
2 Name=wg0
3 Kind=wireguard
4
5 [WireGuard]
6 PrivateKeyFile=/var/lib/systemd/wireguard/private.key
7 ListenPort=51820
8 <% node[:networking][:wireguard][:peers].sort_by { |p| p[:public_key] }.each do |peer| -%>
9
10 [WireGuardPeer]
11 PublicKey=<%= peer[:public_key] %>
12 PresharedKeyFile=/var/lib/systemd/wireguard/preshared.key
13 AllowedIPs=<%= Array(peer[:allowed_ips]).sort.join(",") %>
14 <% if peer[:endpoint] -%>
15 Endpoint=<%= peer[:endpoint] %>
16 <% end -%>
17 <% if node[:networking][:wireguard][:keepalive] -%>
18 PersistentKeepalive=<%= node[:networking][:wireguard][:keepalive] %>
19 <% end -%>
20 <% end -%>