X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/d67b78773673b939831588836bee081d1360fd3c..f7628dac50cd43cd44bb4f7e5c343fe990b5af3f:/cookbooks/networking/templates/default/wireguard.network.erb

diff --git a/cookbooks/networking/templates/default/wireguard.network.erb b/cookbooks/networking/templates/default/wireguard.network.erb
index 636f2867a..a3b7dd115 100644
--- a/cookbooks/networking/templates/default/wireguard.network.erb
+++ b/cookbooks/networking/templates/default/wireguard.network.erb
@@ -1,8 +1,26 @@
 [Match]
 Name=wg0
 
+[Link]
+RequiredForOnline=no
+
 [Network]
+<% if node.internal_ipaddress -%>
+Address=<%= node.internal_ipaddress %>/32
+<% end -%>
+<% if node[:networking][:private_address] -%>
+Address=<%= node[:networking][:private_address] %>/32
+<% end -%>
 Address=<%= node[:networking][:wireguard][:address] %>/128
 
 [Route]
 Destination=fd43:e709:ea6d:1::/64
+<% node[:networking][:wireguard][:peers].sort_by { |p| p[:public_key] }.each do |peer| -%>
+<% Array(peer[:allowed_ips]).sort.each do |ip| -%>
+<% unless ip =~ /^fd43:e709:ea6d:1::/ -%>
+
+[Route]
+Destination=<%= ip %>
+<% end -%>
+<% end -%>
+<% end -%>