From ba4199955a0d9b273299649b67f9592b27d00617 Mon Sep 17 00:00:00 2001
From: heqnx
Date: Tue, 24 Jun 2025 10:29:19 +0300
Subject: added working wg setup + internal access
---
 templates/wg0.conf.j2 | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)
(limited to 'templates/wg0.conf.j2')
diff --git a/templates/wg0.conf.j2 b/templates/wg0.conf.j2
index 6b0aa34..10e3bc9 100644
--- a/templates/wg0.conf.j2
+++ b/templates/wg0.conf.j2
@@ -1,12 +1,18 @@
 [Interface]
 PrivateKey = {{ private_key }}
-Address = {{ wireguard_subnet_prefix}}.1/24
-ListenPort = {{ wireguard_port }}
+Address = {{ wg_subnet_prefix }}.1/24
+ListenPort = {{ wg_port }}
 PostUp = sysctl -w net.ipv4.ip_forward=1
-PostUp = iptables -A FORWARD -i {{ wireguard_interface }} -o %i -j ACCEPT
-PostUp = iptables -A FORWARD -i %i -j ACCEPT
-PostUp = iptables -t nat -A POSTROUTING -o {{ wireguard_interface }} -j MASQUERADE
+PostUp = iptables -A FORWARD -i wg0 -o vmbr0 -j ACCEPT
+PostUp = iptables -A FORWARD -i vmbr0 -o wg0 -j ACCEPT
+PostUp = iptables -A FORWARD -i wg0 -o vmbr1 -j ACCEPT
+PostUp = iptables -A FORWARD -i vmbr1 -o wg0 -j ACCEPT
+PostUp = iptables -t nat -A POSTROUTING -s {{ wg_subnet }} -o vmbr0 -j MASQUERADE
+PostUp = iptables -t nat -A POSTROUTING -s {{ wg_subnet }} -o vmbr1 -j MASQUERADE
 PostDown = sysctl -w net.ipv4.ip_forward=0
-PostDown = iptables -D FORWARD -i {{ wireguard_interface }} -o %i -j ACCEPT
-PostDown = iptables -D FORWARD -i %i -j ACCEPT
-PostDown = iptables -t nat -D POSTROUTING -o {{ wireguard_interface }} -j MASQUERADE
+PostDown = iptables -D FORWARD -i wg0 -o vmbr0 -j ACCEPT
+PostDown = iptables -D FORWARD -i vmbr0 -o wg0 -j ACCEPT
+PostDown = iptables -D FORWARD -i wg0 -o vmbr1 -j ACCEPT
+PostDown = iptables -D FORWARD -i vmbr1 -o wg0 -j ACCEPT
+PostDown = iptables -t nat -D POSTROUTING -s {{ wg_subnet }} -o vmbr0 -j MASQUERADE
+PostDown = iptables -t nat -D POSTROUTING -s {{ wg_subnet }} -o vmbr1 -j MASQUERADE
--
cgit v1.2.3
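Review bot: The two return-path rules, `-A FORWARD -i vmbr0 -o wg0 -j ACCEPT` and its vmbr1 twin, accept any packet from the bridges into the tunnel, so hosts behind vmbr0 or vmbr1 can open new connections to VPN peers rather than only answer them. If the intent is client-initiated access only (the subject line suggests so, but that is an inference), make the return direction stateful: `PostUp = iptables -A FORWARD -i vmbr0 -o wg0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT`, likewise for vmbr1 and the matching `-D` lines in PostDown. The hard-coded `wg0` also drops wg-quick's `%i` substitution, so the rules go stale if the template is ever rendered for another interface name; `-i %i` / `-o %i` keeps them tied to the interface being brought up. Separately, the unchanged `PostDown = sysctl -w net.ipv4.ip_forward=0` line turns forwarding off host-wide, which would also stop any other routing the host does for the bridges.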