algo/roles/wireguard/templates/server.conf.j2

[Interface]
Address = {{ wireguard_server_ip }}
ListenPort = {{ wireguard_port }}
PrivateKey = {{ lookup('file', wireguard_config_path + '/private/' + IP_subject_alt_name) }}
SaveConfig = false

{% for u in wireguard_users %}
{% if u in users %}
{% set index = loop.index %}

[Peer]
# {{ u }}
PublicKey = {{ lookup('file', wireguard_config_path + '/public/' + u) }}
AllowedIPs = {{ wireguard_network_ipv4['clients_range'] }}.{{ wireguard_network_ipv4['clients_start'] + index }}/32{% if ipv6_support %},{{ wireguard_network_ipv6['clients_range'] }}{{ wireguard_network_ipv6['clients_start'] + index }}/128{% endif %}

{% endif %}
{% endfor %}
Add WireGuard support for Android (#910) * WireGuard Implementation * Update client-android.md * Update README.md * WireGuard unattended upgrades * Update README.md * reload-module-on-update and syntax fix * SaveConfig to true * Azure firewall. Fixes #962 * Update README.md * Update client-android.md 2018-05-24 15:15:27 +00:00			`[Interface]`
WireGuard update-users fix (#1154) 2018-10-22 20:49:09 +00:00			`Address = {{ wireguard_server_ip }}`
Add WireGuard support for Android (#910) * WireGuard Implementation * Update client-android.md * Update README.md * WireGuard unattended upgrades * Update README.md * reload-module-on-update and syntax fix * SaveConfig to true * Azure firewall. Fixes #962 * Update README.md * Update client-android.md 2018-05-24 15:15:27 +00:00			`ListenPort = {{ wireguard_port }}`
			`PrivateKey = {{ lookup('file', wireguard_config_path + '/private/' + IP_subject_alt_name) }}`
WireGuard: disable SaveConfig, update-users fix (#985) - Disables SaveConfig. SaveConfig totally breaks the idea of configuration management and it breaks update-users - WireGuard update-users fix. Mentioned in https://github.com/trailofbits/algo/issues/980#issuecomment-393720561 2018-06-01 14:06:03 +00:00			`SaveConfig = false`
Add WireGuard support for Android (#910) * WireGuard Implementation * Update client-android.md * Update README.md * WireGuard unattended upgrades * Update README.md * reload-module-on-update and syntax fix * SaveConfig to true * Azure firewall. Fixes #962 * Update README.md * Update client-android.md 2018-05-24 15:15:27 +00:00
WireGuard update-users fix (#1183) 2018-11-12 17:03:31 +00:00			`{% for u in wireguard_users %}`
			`{% if u in users %}`
			`{% set index = loop.index %}`
Add WireGuard support for Android (#910) * WireGuard Implementation * Update client-android.md * Update README.md * WireGuard unattended upgrades * Update README.md * reload-module-on-update and syntax fix * SaveConfig to true * Azure firewall. Fixes #962 * Update README.md * Update client-android.md 2018-05-24 15:15:27 +00:00
			`[Peer]`
			`# {{ u }}`
			`PublicKey = {{ lookup('file', wireguard_config_path + '/public/' + u) }}`
WireGuard update-users fix (#1183) 2018-11-12 17:03:31 +00:00			`AllowedIPs = {{ wireguard_network_ipv4['clients_range'] }}.{{ wireguard_network_ipv4['clients_start'] + index }}/32{% if ipv6_support %},{{ wireguard_network_ipv6['clients_range'] }}{{ wireguard_network_ipv6['clients_start'] + index }}/128{% endif %}`

			`{% endif %}`
Add WireGuard support for Android (#910) * WireGuard Implementation * Update client-android.md * Update README.md * WireGuard unattended upgrades * Update README.md * reload-module-on-update and syntax fix * SaveConfig to true * Azure firewall. Fixes #962 * Update README.md * Update client-android.md 2018-05-24 15:15:27 +00:00			`{% endfor %}`