From 990f4cacb71bd88e8b7eddc1b197b2a2f480d103 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= <hugo@lysator.liu.se>
Date: Sat, 24 Jun 2023 00:22:51 +0200
Subject: Wireguard work.

---
 manifests/wireguard_server.pp | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/manifests/wireguard_server.pp b/manifests/wireguard_server.pp
index f8c7592..3885114 100644
--- a/manifests/wireguard_server.pp
+++ b/manifests/wireguard_server.pp
@@ -29,18 +29,20 @@ class profiles::wireguard_server (
         'Name' => $ifname,
       },
       'Route' => {
-        'Destination' => '2001:9b1:eff:a600:22cf:30ff:fe45:629e/128',
+        'Destination' => $peers.map |$p| { $p['AllowedIPs'] }.flatten,
       }
     }
   }
 
-  firewall { '100 Forward wireguard to network':
-    table    => 'nat',
-    chain    => 'POSTROUTING',
-    jump     => 'MASQUERADE',
-    outiface => 'br0',
-    proto    => 'all',
-    provider => 'ip6tables',
+  ['iptables', 'ip6tables'].each |$provider| {
+    firewall { '100 Forward wireguard to network':
+      table    => 'nat',
+      chain    => 'POSTROUTING',
+      jump     => 'MASQUERADE',
+      outiface => 'br0',
+      proto    => 'all',
+      provider => $provider,
+    }
   }
 
   # -A FORWARD -p udp -m udp --dport 51871 --destination $(dig +short gandalf.adrift.space AAAA)
-- 
cgit v1.2.3