dn42/templates/wg-quick.j2

{%- set ifname = peer.if.name | default(dn42_wg_default_if_prefix + peer.name) -%}
{%- set localv4 = peer.if.v4 | default(dn42_local_v4) -%}
{%- set localv6 = peer.if.v6 | default(dn42_local_v6) -%}
{%- if dn42_configure_linux_network_table -%}
{%- set table = "42" -%}
{%- else -%}
{%- set table = "main" -%}
{%- endif -%}

[Interface]
PrivateKey = {{ peer.wg.privkey | default(dn42_wg_private_key) }}
Address = {{ localv4 }}/32, {{ localv6 }}/128
PostUp = {% if peer.v4 is defined -%}
/sbin/ip addr del dev {{ ifname }} {{ localv4 }}/32 && {# ... -#}
/sbin/ip addr add dev {{ ifname }} {{ localv4 }}/32 peer {{ peer.v4 }}/32
{%- if peer.v6 is defined %} && {% endif -%}
{%- endif %}{% if peer.v6 is defined -%}
/sbin/ip addr del dev {{ ifname }} {{ localv6 }}/128 && {# ... -#}
/sbin/ip addr add dev {{ ifname }} {{ localv6 }}/128 peer {{ peer.v6 }}/128 && {# ... -#}
ip -6 r add {{ peer.v6 }}/128 dev {{ ifname }} table {{ table }} || true
{%- endif %}

Table = off
ListenPort = {{ peer.wg.port }}

[Peer]
Endpoint = {{ peer.wg.endpoint }}
PublicKey = {{ peer.wg.pubkey }}
AllowedIPs = 172.16.0.0/12
AllowedIPs = 10.0.0.0/8
AllowedIPs = fd00::/8
AllowedIPs = fe80::/10
AllowedIPs = 169.254.0.0/16