Optimise wireguard

2023-09-18 12:06:24 +02:00 · 2023-09-18 12:06:24 +02:00 · 615929ac4f
commit 615929ac4f
parent 6bcf35137f
2 changed files with 3 additions and 3 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -87,7 +87,7 @@ fail2ban_activate_modules:
 ## WIREGUARD
 wireguard_enabled: True
 wireguard_is_gateway: False
-wireguard_allow_adjacent_client_traffic: False
+wireguard_allow_adjacent_client_traffic: True
 wireguard_keepalive: 25
 wireguard_gateway_interface: eth0
--- a/templates/etc/wireguard/wireguard-client.conf.j2
+++ b/templates/etc/wireguard/wireguard-client.conf.j2
@ -1,11 +1,11 @@
 [Interface]
-Address = {{ wireguard_gateway_net_prefix }}.{{ wireguard_clients[wireguard_client_host].index }}/32
+Address = {{ wireguard_gateway_net_prefix }}.{{ wireguard_clients[wireguard_client_host].index }}/{{ wireguard_gateway_net_cidr }}
 PrivateKey = {{ wireguard_clients[wireguard_client_host].private_key }}
 DNS = {{ cloud_internal_dns }}
 [Peer]
 PublicKey = {{ wireguard_gateway_public_key }}
 Endpoint = {{ wireguard_gateway_host }}:{{ wireguard_gateway_port }}
-AllowedIPs = {{ wireguard_gateway_net_prefix }}.1/{% if wireguard_allow_adjacent_client_traffic %}{{ wireguard_gateway_net_cidr }}{% else %}32{% endif %}
+AllowedIPs = {{ wireguard_gateway_net_prefix }}{% if wireguard_allow_adjacent_client_traffic %}.0/{{ wireguard_gateway_net_cidr }}{% else %}.1/32{% endif %}
 PersistentKeepalive = {{ wireguard_keepalive }}