From 615929ac4f13b1d83b7c00c684f276e77b627c20 Mon Sep 17 00:00:00 2001
From: lhahn <lhahn@huehner-cloud.de>
Date: Mon, 18 Sep 2023 12:06:24 +0200
Subject: [PATCH] Optimise wireguard

---
 defaults/main.yml                                | 2 +-
 templates/etc/wireguard/wireguard-client.conf.j2 | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index c5cccfc..6c77268 100755
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -87,7 +87,7 @@ fail2ban_activate_modules:
 ## WIREGUARD
 wireguard_enabled: True
 wireguard_is_gateway: False
-wireguard_allow_adjacent_client_traffic: False
+wireguard_allow_adjacent_client_traffic: True
 wireguard_keepalive: 25
 
 wireguard_gateway_interface: eth0
diff --git a/templates/etc/wireguard/wireguard-client.conf.j2 b/templates/etc/wireguard/wireguard-client.conf.j2
index f5a6e3e..9bcef77 100644
--- a/templates/etc/wireguard/wireguard-client.conf.j2
+++ b/templates/etc/wireguard/wireguard-client.conf.j2
@@ -1,11 +1,11 @@
 [Interface]
-Address = {{ wireguard_gateway_net_prefix }}.{{ wireguard_clients[wireguard_client_host].index }}/32
+Address = {{ wireguard_gateway_net_prefix }}.{{ wireguard_clients[wireguard_client_host].index }}/{{ wireguard_gateway_net_cidr }}
 PrivateKey = {{ wireguard_clients[wireguard_client_host].private_key }}
 DNS = {{ cloud_internal_dns }}
 
 [Peer]
 PublicKey = {{ wireguard_gateway_public_key }}
 Endpoint = {{ wireguard_gateway_host }}:{{ wireguard_gateway_port }}
-AllowedIPs = {{ wireguard_gateway_net_prefix }}.1/{% if wireguard_allow_adjacent_client_traffic %}{{ wireguard_gateway_net_cidr }}{% else %}32{% endif %}
+AllowedIPs = {{ wireguard_gateway_net_prefix }}{% if wireguard_allow_adjacent_client_traffic %}.0/{{ wireguard_gateway_net_cidr }}{% else %}.1/32{% endif %}
 
 PersistentKeepalive = {{ wireguard_keepalive }}