ansible-crxn-router/roles/wireguard/templates/config.j2

[Interface]
ListenPort = {{ item.wg.port }}
PrivateKey = {{ item.wg.privkey }}

{% if item.wg.mode == "address" %}
Address = {{ peering.linklocal }}/64

{% elif item.wg.mode == "ptp" %}

{% if item.peer_linklocal is defined %}
PostUp = /sbin/ip addr add dev %i {{ peering.linklocal }}/128 peer {{ item.peer_linklocal }}/128
{% endif %}

{% if item.peer_ula is defined %}
PostUp = /sbin/ip addr add dev %i {{ peering.ula }}/128 peer {{ item.peer_ula }}/128
{% endif %}

{% if item.peer_ipv4 is defined %}
PostUp = /sbin/ip addr add dev %i {{ peering.ipv4 }}/32 peer {{ item.peer_ipv4 }}/32
{% endif %}

{% if item.transfernet.ipv4 is defined %}
PostUp = /sbin/ip addr add dev %i {{ item.transfernet.ipv4.local }}/32 peer {{ item.transfernet.ipv4.remote }}/32
{% endif %}

{% if item.transfernet.ipv6 is defined %}
PostUp = /sbin/ip addr add dev %i {{ item.transfernet.ipv6.local }}/128 peer {{ item.transfernet.ipv6.remote }}/128
{% endif %}

{% endif %}
Table = off

{% if item.mtu is defined %}
MTU = {{ item.mtu }}
{% endif %}

[Peer]
PublicKey = {{ item.wg.peer.pubkey }}
{% if item.wg.peer.psk is defined %}PresharedKey = {{ item.wg.peer.psk }}
{% endif %}
{% if item.wg.peer.endpoint is defined %}Endpoint = {{ item.wg.peer.endpoint }}
{% endif %}
{% if item.wg.peer.keepalive is defined %}PersistentKeepalive = {{ item.wg.peer.keepalive }}
{% endif %}
{% if item.wg.net == "ipv6" %}
AllowedIPs = ::/0
{% elif item.wg.net == "ipv4" %}
AllowedIPs = 0.0.0.0/0
{% elif item.wg.net == "both" %}
AllowedIPs = 0.0.0.0/0, ::/0
{% endif %}