test/jcloude
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
jcloude/press/playbooks/roles/reload_wireguard/templates/wg.conf
jingrow e3fc0a705a initial commit
2025-12-23 19:17:16 +08:00

26 lines
878 B
Plaintext
Raw Blame History

[Interface]
Address = {{ wireguard_network }}
ListenPort = {{ wireguard_port }}
PrivateKey = {{ wireguard_private_key }}
PreUp = sysctl -w net.ipv4.ip_forward=1
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o {{ interface_id }} -j MASQUERADE
PostUp = iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o {{ interface_id }} -j MASQUERADE
PostDown = sysctl -w net.ipv4.ip_forward=0
{% if peers %}
{% for peer in (peers | from_json) %}
[Peer]
# {{ peer.name }}
{% if peer.peer_ip %}
Endpoint = {{peer.peer_ip}}:{{wireguard_port}}
{% endif %}
PublicKey = {{ peer.public_key }}
AllowedIPs = {{ peer.allowed_ips}}
PersistentKeepalive = 25
{% endfor %}
{% endif %}
Reference in New Issue View Git Blame Copy Permalink