cookbooks/networking/templates/default/wireguard.network.erb

   1 [Match]
   2 Name=wg0
   3
   4 [Link]
   5 RequiredForOnline=no
   6
   7 [Network]
   8 <% if node.internal_ipaddress -%>
   9 Address=<%= node.internal_ipaddress %>/32
  10 <% end -%>
  11 <% if node[:networking][:private_address] -%>
  12 Address=<%= node[:networking][:private_address] %>/32
  13 <% end -%>
  14 Address=<%= node[:networking][:wireguard][:address] %>/128
  15
  16 [Route]
  17 Destination=fd43:e709:ea6d:1::/64
  18 <% node[:networking][:wireguard][:peers].sort_by { |p| p[:public_key] }.each do |peer| -%>
  19 <% Array(peer[:allowed_ips]).sort.each do |ip| -%>
  20 <% unless ip =~ /^fd43:e709:ea6d:1::/ -%>
  21
  22 [Route]
  23 Destination=<%= ip %>
  24 <% end -%>
  25 <% end -%>
  26 <% end -%>