algo/roles/wireguard/templates/server.conf.j2

[Interface]
Address = {{ wireguard_network_ipv4['subnet'] }}/{{ wireguard_network_ipv4['prefix'] }}{% if ipv6_support %},{{ wireguard_network_ipv6['gateway'] }}/{{ wireguard_network_ipv6['prefix'] }}
{% endif %}

ListenPort = {{ wireguard_port }}
PrivateKey = {{ lookup('file', wireguard_config_path + '/private/' + IP_subject_alt_name) }}
SaveConfig = false
Table = off

{% for u in users %}

[Peer]
# {{ u }}
PublicKey = {{ lookup('file', wireguard_config_path + '/public/' + u) }}
AllowedIPs = {{ wireguard_network_ipv4['clients_range'] }}.{{ wireguard_network_ipv4['clients_start'] + loop.index }}/32{% if ipv6_support %},{{ wireguard_network_ipv6['clients_range'] }}{{ wireguard_network_ipv6['clients_start'] + loop.index }}/128
{% endif %}
{% endfor %}
Add WireGuard support for Android (#910) * WireGuard Implementation * Update client-android.md * Update README.md * WireGuard unattended upgrades * Update README.md * reload-module-on-update and syntax fix * SaveConfig to true * Azure firewall. Fixes #962 * Update README.md * Update client-android.md 2018-05-24 15:15:27 +00:00			`[Interface]`
			`Address = {{ wireguard_network_ipv4['subnet'] }}/{{ wireguard_network_ipv4['prefix'] }}{% if ipv6_support %},{{ wireguard_network_ipv6['gateway'] }}/{{ wireguard_network_ipv6['prefix'] }}`
			`{% endif %}`

			`ListenPort = {{ wireguard_port }}`
			`PrivateKey = {{ lookup('file', wireguard_config_path + '/private/' + IP_subject_alt_name) }}`
WireGuard: disable SaveConfig, update-users fix (#985) - Disables SaveConfig. SaveConfig totally breaks the idea of configuration management and it breaks update-users - WireGuard update-users fix. Mentioned in https://github.com/trailofbits/algo/issues/980#issuecomment-393720561 2018-06-01 14:06:03 +00:00			`SaveConfig = false`
Add WireGuard support for Android (#910) * WireGuard Implementation * Update client-android.md * Update README.md * WireGuard unattended upgrades * Update README.md * reload-module-on-update and syntax fix * SaveConfig to true * Azure firewall. Fixes #962 * Update README.md * Update client-android.md 2018-05-24 15:15:27 +00:00			`Table = off`

			`{% for u in users %}`

			`[Peer]`
			`# {{ u }}`
			`PublicKey = {{ lookup('file', wireguard_config_path + '/public/' + u) }}`
			`AllowedIPs = {{ wireguard_network_ipv4['clients_range'] }}.{{ wireguard_network_ipv4['clients_start'] + loop.index }}/32{% if ipv6_support %},{{ wireguard_network_ipv6['clients_range'] }}{{ wireguard_network_ipv6['clients_start'] + loop.index }}/128`
			`{% endif %}`
			`{% endfor %}`