Add support for wireguard_peers variable

githubixx · Nov 13, 2023 · cc6d1a7 · cc6d1a7
1 parent 79e8cec
commit cc6d1a7
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -265,6 +265,8 @@ wireguard_unmanaged_peers:
     allowed_ips: 10.0.0.3/32
     endpoint: client.example.com:51820
     persistent_keepalive: 0
+wireguard_peers:
+ - ...
 ```
 
 `wireguard_(preup|predown|postup|postdown)` are specified as lists. Here are two examples:

diff --git a/templates/etc/wireguard/wg.conf.j2 b/templates/etc/wireguard/wg.conf.j2
@@ -52,7 +52,7 @@ PostDown = {{ wg_postdown }}
 SaveConfig = {{ wireguard_save_config }}
 {% endif %}
 {% for host in ansible_play_hosts %}
-{%   if host != inventory_hostname %}
+{%   if host != inventory_hostname and (wireguard_peers is not defined or host in wireguard_peers) %}
 
 [Peer]
 # {{ host }}
@@ -104,6 +104,7 @@ Endpoint = {{host}}:{{wireguard_port}}
 
 # Peers not managed by Ansible from "wireguard_unmanaged_peers" variable
 {% for peer in wireguard_unmanaged_peers.keys() %}
+{%   if wireguard_peers is not defined or peer in wireguard_peers %}
 [Peer]
 # {{ peer }}
 PublicKey = {{ wireguard_unmanaged_peers[peer].public_key }}
@@ -119,5 +120,6 @@ Endpoint = {{ wireguard_unmanaged_peers[peer].endpoint }}
 {%     if wireguard_unmanaged_peers[peer].persistent_keepalive is defined %}
 PersistentKeepalive = {{ wireguard_unmanaged_peers[peer].persistent_keepalive }}
 {%     endif %}
+{%    endif %}
 {%   endfor %}
 {% endif %}