ele-router basic wireguard setup

2 files changed, 13 insertions, 2 deletions

diff --git a/roles/wireguard/gateway/defaults/main.yml b/roles/wireguard/gateway/defaults/main.yml
index 8b1ab7f6..69846fc3 100644
--- a/roles/wireguard/gateway/defaults/main.yml
+++ b/roles/wireguard/gateway/defaults/main.yml
@@ -7,10 +7,21 @@
 #     addresses:
 #     - 192.168.255.254/24
 #     ip_masq: yes
+#     ip_snat:
+#       interface: eth1
+#       to: 1.2.3.4
+#     port_forwardings:
+#     - dest: 1.2.3.4
+#       tcp_ports:
+#         80: 192.158.255.3:80
+#       udp_ports:
+#         123: 192.158.255.3:200
 #     peers:
 #     - pub_key: public_key_of_peer
 #       keepalive_interval: 10
-#       endpoint: 5.6.7.8:1234
+#       endpoint:
+#         host: 5.6.7.8
+#         port: 1234
 #       allowed_ips:
 #         - 192.168.255.3/32
 #         - 192.168.123.0/24
diff --git a/roles/wireguard/gateway/templates/systemd.netdev.j2 b/roles/wireguard/gateway/templates/systemd.netdev.j2
index 62f0d0a6..96399b52 100644
--- a/roles/wireguard/gateway/templates/systemd.netdev.j2
+++ b/roles/wireguard/gateway/templates/systemd.netdev.j2
@@ -18,7 +18,7 @@ PublicKey={{ peer.pub_key }}
 AllowedIPs={{ ip }}
 {%   endfor %}
 {%   if 'endpoint' in peer %}
-Endpoint={{ peer.endpoint }}
+Endpoint={{ peer.endpoint.host }}:{{ peer.endpoint.port | default(51820) }}
 {%   endif %}
 {%   if 'keepalive_interval' in peer %}
 PersistentKeepalive={{ peer.keepalive_interval }}