From 4d996aff99c9c31ed66f82afb11c74569ccc6763 Mon Sep 17 00:00:00 2001
From: heqnx <root@heqnx.com>
Date: Tue, 24 Jun 2025 00:28:18 +0300
Subject: adding wireguard setup for pve vm access

---
 templates/wg0.conf.j2 | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 templates/wg0.conf.j2

(limited to 'templates/wg0.conf.j2')

diff --git a/templates/wg0.conf.j2 b/templates/wg0.conf.j2
new file mode 100644
index 0000000..6b0aa34
--- /dev/null
+++ b/templates/wg0.conf.j2
@@ -0,0 +1,12 @@
+[Interface]
+PrivateKey = {{ private_key }}
+Address    = {{ wireguard_subnet_prefix}}.1/24
+ListenPort = {{ wireguard_port }}
+PostUp     = sysctl -w net.ipv4.ip_forward=1
+PostUp     = iptables -A FORWARD -i {{ wireguard_interface }} -o %i -j ACCEPT
+PostUp     = iptables -A FORWARD -i %i -j ACCEPT
+PostUp     = iptables -t nat -A POSTROUTING -o {{ wireguard_interface }} -j MASQUERADE
+PostDown   = sysctl -w net.ipv4.ip_forward=0
+PostDown   = iptables -D FORWARD -i {{ wireguard_interface }} -o %i -j ACCEPT
+PostDown   = iptables -D FORWARD -i %i -j ACCEPT
+PostDown   = iptables -t nat -D POSTROUTING -o {{ wireguard_interface }} -j MASQUERADE
-- 
cgit v1.2.3