authorHugo Hörnquist <hugo@lysator.liu.se>2023-06-24 00:22:51 +0200
committerHugo Hörnquist <hugo@lysator.liu.se>2023-06-24 00:22:51 +0200
commit990f4cacb71bd88e8b7eddc1b197b2a2f480d103 (patch)
treed68b1296dd56c64fd46b4c63ee65daf5b71df44b
parentWireguard work. (diff)
downloadprofiles-990f4cacb71bd88e8b7eddc1b197b2a2f480d103.tar.gz
profiles-990f4cacb71bd88e8b7eddc1b197b2a2f480d103.tar.xz
Wireguard work.
-rw-r--r--manifests/wireguard_server.pp18
1 files changed, 10 insertions, 8 deletions
diff --git a/manifests/wireguard_server.pp b/manifests/wireguard_server.pp
index f8c7592..3885114 100644
--- a/manifests/wireguard_server.pp
+++ b/manifests/wireguard_server.pp
@@ -29,18 +29,20 @@ class profiles::wireguard_server (
'Name' => $ifname,
},
'Route' => {
- 'Destination' => '2001:9b1:eff:a600:22cf:30ff:fe45:629e/128',
+ 'Destination' => $peers.map |$p| { $p['AllowedIPs'] }.flatten,
}
}
}
- firewall { '100 Forward wireguard to network':
- table => 'nat',
- chain => 'POSTROUTING',
- jump => 'MASQUERADE',
- outiface => 'br0',
- proto => 'all',
- provider => 'ip6tables',
+ ['iptables', 'ip6tables'].each |$provider| {
+ firewall { '100 Forward wireguard to network':
+ table => 'nat',
+ chain => 'POSTROUTING',
+ jump => 'MASQUERADE',
+ outiface => 'br0',
+ proto => 'all',
+ provider => $provider,
+ }
}
# -A FORWARD -p udp -m udp --dport 51871 --destination $(dig +short gandalf.adrift.space AAAA)
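Review bot: The `firewall` resource inside the `['iptables', 'ip6tables'].each` loop keeps the fixed title '100 Forward wireguard to network' on both iterations, so the second one should fail catalog compilation as a duplicate declaration. Making the title per-provider avoids that, e.g. `firewall { "100 Forward wireguard to network (${provider})":`. Separately, the rule masquerades `proto => 'all'` on `outiface => 'br0'` with no source match, so it rewrites every forwarded flow leaving br0, not only tunnel traffic. Adding a per-family `source` match for the tunnel's address range would keep the real source addresses of other traffic visible to downstream filtering and logs. The class body starts and ends outside the hunk.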