#jinja2: lstrip_blocks: True
# {{ ansible_managed }}
[Interface]
## {{ inventory_hostname }}
Address = {{ wireguard_address }}
PrivateKey = {{ wireguard_private_key }}
ListenPort = {{ wireguard_port }}
{% if wireguard_dns is defined %}
DNS = {{ wireguard_dns }}
{% endif %}
{% if wireguard_fwmark is defined %}
FwMark = {{ wireguard_fwmark }}
{% endif %}
{% if wireguard_mtu is defined %}
MTU = {{ wireguard_mtu }}
{% endif %}
{% if wireguard_table is defined %}
Table = {{ wireguard_table }}
{% endif %}
{% if wireguard_preup is defined %}
{% for wg_preup in wireguard_preup %}
PreUp = {{ wg_preup }}
{% endfor %}
{% endif %}
{% if wireguard_postup is defined %}
{% for wg_postup in wireguard_postup %}
PostUp = {{ wg_postup }}
{% endfor %}
{% endif %}
{% if wireguard_predown is defined %}
{% for wg_predown in wireguard_predown %}
PreDown = {{ wg_predown }}
{% endfor %}
{% endif %}
{% if wireguard_postdown is defined %}
{% for wg_postdown in wireguard_postdown %}
PostDown = {{ wg_postdown }}
{% endfor %}
{% endif %}
SaveConfig = false
{% for host in wireguard_peers %}
{% if host != inventory_hostname %}

[Peer]
## {{ host }}
PublicKey = {{ hostvars[host].__wireguard_public_key }}
{% if hostvars[host].wireguard_allowed_ips is defined %}
AllowedIPs = {{ hostvars[host].wireguard_allowed_ips }}
{% else %}
AllowedIPs = {{ hostvars[host].wireguard_address.split('/')[0] }}/32
{% endif %}
{% if hostvars[host].wireguard_persistent_keepalive is defined %}
PersistentKeepalive = {{ hostvars[host].wireguard_persistent_keepalive }}
{% endif %}
{% if hostvars[host].wireguard_endpoint is not defined or hostvars[host].wireguard_endpoint != "" %}
Endpoint = {{ hostvars[host].wireguard_endpoint | default(host) }}:{{ hostvars[host].wireguard_port | default(wireguard_port) }}
{% endif %}
{% endif %}
{% endfor %}
{% if wireguard_peers_unmanaged | length > 0 %}

# Peers not managed by Ansible
{% for peer in wireguard_peers_unmanaged %}
[Peer]
# {{ peer.name }}
PublicKey = {{ peer.public_key }}
{% if peer.preshared_key is defined %}
PresharedKey = {{ peer.preshared_key }}
{% endif %}
{% if peer.allowed_ips is defined %}
AllowedIPs = {{ peer.allowed_ips }}
{% endif %}
{% if peer.endpoint is defined %}
Endpoint = {{ peer.endpoint }}
{% endif %}
{% if peer.persistent_keepalive is defined %}
PersistentKeepalive = {{ peer.persistent_keepalive }}
{% endif %}
{% endfor %}
{% endif %}