From d5858fe595b79b55207f6506da65fc292368c44a Mon Sep 17 00:00:00 2001
From: nd
Date: Sun, 2 Aug 2020 15:53:59 +0200
Subject: [PATCH] first working version
---
tasks/main.yml | 1 +
tasks/net.yml | 4 ++--
templates/networkinterface.j2 | 16 +++++++++++-----
templates/wireguard.conf.j2 | 8 +++++---
4 files changed, 19 insertions(+), 10 deletions(-)
diff --git a/tasks/main.yml b/tasks/main.yml
index 062068c..1def4c2 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -3,6 +3,7 @@ name: - wireguard - wireguard-tools + - linux-headers-amd64 - name: handle a wireguard network include_tasks: net.yml
diff --git a/tasks/net.yml b/tasks/net.yml
index 17ce263..62574a0 100644
--- a/tasks/net.yml
+++ b/tasks/net.yml
@@ -1,5 +1,5 @@ - set_fact: - item: "{{ {}|combine(wireguard.defaults , {'name': conn.name}, item.value, recursive=True) }}" + item: "{{ {}|combine(wireguard.defaults , {'name': conn.key}, conn.value, recursive=True) }}" - name: generate interface config template:
@@ -9,4 +9,4 @@ - name: generate wireguard config template: src: wireguard.conf.j2 - dest: /etc/wireguard//wg_{{ item.name }} + dest: /etc/wireguard/wg_{{ item.name }}.conf
diff --git a/templates/networkinterface.j2 b/templates/networkinterface.j2
index 8ee8116..e32e130 100644
--- a/templates/networkinterface.j2
+++ b/templates/networkinterface.j2
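Review bot: In the first hunk of tasks/net.yml the `set_fact` result appears to carry the WireGuard private key (templates/wireguard.conf.j2 reads `item.privkey` from this dict), so the task prints the key whenever the play runs with `-v`; adding `no_log: true` to the `set_fact` task keeps it out of console and log output. The fact is also named `item`, which is Ansible's default loop variable, so any later task in this include that uses `loop:` or `with_*` will shadow it; a distinct name such as `wg_net` would avoid that, at the cost of updating both templates. Whether `privkey` comes from `wireguard.defaults` or from `conn.value` is not visible in this hunk.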
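Review bot: The `generate wireguard config` task in the second hunk of tasks/net.yml shows no `owner:` or `mode:` on the `template:` call, yet the rendered `/etc/wireguard/wg_{{ item.name }}.conf` contains `PrivateKey = {{ item.privkey }}`; unless they are set elsewhere, the file is created under the remote umask and is typically world-readable. I would add `owner: root`, `group: root` and `mode: "0600"` under `template:`. Setting `no_log: true` or `diff: false` on the task also stops `--diff` runs from printing the key. The hunk ends at `dest:`, so any parameters after it are not visible here.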
@@ -1,14 +1,20 @@ auto wg_{{ item.name }} -iface w_{{ item.name }} inet static +iface wg_{{ item.name }} inet static {% for i in item.ip %} address {{ i }} -{% endif %} - pre-up ip link add $IFACE type wireguard +{% endfor %} + pre-up ip link add $IFACE type wireguard || true pre-up wg setconf $IFACE /etc/wireguard/$IFACE.conf +{% for i in item.route %} + up ip route add {{ i }} dev $IFACE +{% endfor %} post-down ip link del $IFACE -iface w_{{ item.name }} inet6 static +iface wg_{{ item.name }} inet6 static # static IP address {% for i in item.ip6 %} address {{ i }} -{% endif %} +{% endfor %} +{% for i in item.route6 %} + up ip -6 route add {{ i }} dev $IFACE +{% endfor %}
diff --git a/templates/wireguard.conf.j2 b/templates/wireguard.conf.j2
index d7056ab..c9f5ea2 100644
--- a/templates/wireguard.conf.j2
+++ b/templates/wireguard.conf.j2
@@ -1,11 +1,13 @@ [Interface] -Address = {{ (item.ip + item.ip6)|join(', ') }} ListenPort = {{ item.lport }} PrivateKey = {{ item.privkey }} -{% for peer in item.peers %} +{% for peername in item.peers %} +{% set peer = {}|combine({'name': peername}, item.peers[peername]) %} + [Peer] +# {{ peer.name }} PublicKey = {{ peer.PublicKey }} -AllowedIPs = {{ peer.AllowedIPs|d(['0.0.0.0/0', '::/0'])|join(', ') }} {% if peer.Endpoint is defined %}Endpoint = {{ peer.Endpoint }}{% endif %} {% endfor %}
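Review bot: In templates/networkinterface.j2, `pre-up ip link add $IFACE type wireguard || true` hides every failure of the command, not only "interface already exists". A missing kernel module or a pre-existing link of another type under the same name then shows up only as a less obvious error from the following `wg setconf`. Testing for the link keeps the idempotence without masking real errors: `pre-up ip link show $IFACE >/dev/null 2>&1 || ip link add $IFACE type wireguard`. Separately, the new `item.route` and `item.route6` loops have no `|d([])` fallback, so rendering fails for a network that defines neither unless `wireguard.defaults` supplies them, which cannot be confirmed from this page.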
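Review bot: In templates/wireguard.conf.j2, the `|d(['0.0.0.0/0', '::/0'])` fallback on `AllowedIPs` fails open: a peer entry that omits the key is accepted as the source of any address inside the tunnel. If more than one peer omits it, WireGuard assigns the ranges to the last such peer only, so the others silently lose them. An omitted key is more likely a mistake than a request for a full-tunnel peer, so I would fail the render instead: `AllowedIPs = {{ peer.AllowedIPs|mandatory|join(', ') }}`. If a default is wanted, make it explicit in `wireguard.defaults` so that it is visible in inventory review.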