cookbooks/networking/templates/default/wireguard.network.erb

   1 [Match]
   2 Name=wg0
   3
   4 [Network]
   5 <% if node.internal_ipaddress -%>
   6 Address=<%= node.internal_ipaddress %>/32
   7 <% end -%>
   8 Address=<%= node[:networking][:wireguard][:address] %>/128
   9
  10 [Route]
  11 Destination=fd43:e709:ea6d:1::/64
  12 <% node[:networking][:wireguard][:peers].each do |peer| -%>
  13 <% Array(peer[:allowed_ips]).sort.each do |ip| -%>
  14 <% unless ip =~ /^fd43:e709:ea6d:1::/ -%>
  15
  16 [Route]
  17 Destination=<%= ip %>
  18 <% end -%>
  19 <% end -%>
  20 <% end -%>