diff options
| author |  Joe Banks <[email protected]> | 2024-08-30 17:46:35 +0100 |
|---|---|---|
| committer | Joe Banks <[email protected]> | 2024-08-30 17:46:35 +0100 |
| commit | e4346fed64402de5c9c2fa29ca89538281f32600 (patch) | |
| tree | c7c24f7fdf99ea2477bd0a11a98713476fb2f859 | |
| parent | Set packages to install for Wireguard by distribution (diff) | |
Update templated WireGuard config
Include a missing PreDown task to remove the local routes we add as well
as including all hosts in the inventory instead of just netcup hosts.
| -rw-r--r-- | ansible/roles/wireguard/templates/wg0.conf.j2 | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ansible/roles/wireguard/templates/wg0.conf.j2 b/ansible/roles/wireguard/templates/wg0.conf.j2 index d3bbb56..a2b89f2 100644 --- a/ansible/roles/wireguard/templates/wg0.conf.j2 +++ b/ansible/roles/wireguard/templates/wg0.conf.j2 @@ -5,8 +5,9 @@ ListenPort = {{ wireguard_port }} PrivateKey = {{ wg_priv_key['content'] | b64decode | trim }} PostUp = ip route add local {{ wireguard_subnet }} dev eth0 +PreDown = ip route del local {{ wireguard_subnet }} dev eth0 -{% for host in groups["netcup"] if not host == inventory_hostname %} +{% for host in hostvars if not host == inventory_hostname %} # Peer config for: {{ host }} [Peer] AllowedIPs = {{ hostvars[host]['wireguard_subnet'] }} |