ansible-roles/vpn/wireguard/templates/client/IFACE

27 lines
1.1 KiB
Plaintext

auto {{ vpn_wireguard_iface }}
iface {{ vpn_wireguard_iface }} inet static
pre-up /usr/local/sbin/ip-link-add.sh $IFACE type wireguard
pre-up wg setconf $IFACE /etc/wireguard/$IFACE.conf
pre-up ip link set mtu {{ vpn_wireguard_mtu }} dev $IFACE
post-up /usr/local/sbin/post-up-$IFACE-inet.nft
post-up /usr/local/sbin/post-up-$IFACE-ipv4.nft
post-up ip route add default dev $IFACE table {{ vpn_wireguard_routing_table }}
pre-down ip route del default dev $IFACE table {{ vpn_wireguard_routing_table }}
pre-down /usr/local/sbin/pre-down-$IFACE-ipv4.nft
pre-down /usr/local/sbin/pre-down-$IFACE-inet.nft
address {{ vpn_wireguard_address }}
netmask {{ vpn_wireguard_prefixlen }}
{% if vpn_wireguard_address_v6 is defined %}
iface {{ vpn_wireguard_iface }} inet6 static
post-up ip -6 route add default dev $IFACE table {{ vpn_wireguard_routing_table }}
pre-down ip -6 route del default dev $IFACE table {{ vpn_wireguard_routing_table }}
address {{ vpn_wireguard_address_v6 }}
netmask {{ vpn_wireguard_prefixlen_v6 }}
{% endif %}