
Commit 41c4068

committed
remove duplicates from allowed-ips (fix #3)
1 parent 3251e1f commit 41c4068


3 files changed

+7
-2
lines changed


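--- a/filter_plugins/utils.py
+++ b/filter_plugins/utils.py
@@ -8,6 +8,7 @@ def filters(self):
 return {
 "safe_int_name": self.safe_int_name,
 "ensure_list": self.ensure_list,
+"unique_list": self.unique_list,
 "flatten_hosts": self.flatten_hosts,
 "flatten_ints": self.flatten_ints,
 "one_center": self.one_center,
@@ -99,3 +100,7 @@ def write_keys(pub: str, file_pub: str, pk: str, file_pk: str) -> bool:
 @staticmethod
 def all_exist(data: list) -> bool:
 return all(result['stat']['exists'] for result in data)
+
+@staticmethod
+def unique_list(data: list) -> list:
+return list(set(data))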
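Review bot: `unique_list` returns `list(set(data))`, which discards the input order, and for strings the resulting order can differ between Python processes because string hashing is randomized. Both templates changed in this commit (`peer.conf.j2` and `routing.conf.j2`) iterate over the result, so the rendered AllowedIPs line and the route order would likely vary from run to run, producing spurious "changed" results and making config diffs harder to audit. An order-preserving form keeps the output stable: `return list(dict.fromkeys(data))`. A one-line docstring saying that items must be hashable and that first-seen order is kept would also help; the enclosing class starts outside the hunk.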

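--- a/templates/etc/wireguard/inc/peer.conf.j2
+++ b/templates/etc/wireguard/inc/peer.conf.j2
@@ -4,7 +4,7 @@ PublicKey = {{ lookup('file', peer_pubkey_file) }}
 {% if topology.psk %}
 PresharedKey = {{ lookup('file', psk_file) }}
 {% endif %}
-AllowedIPs = {% for ip in wg_peer.Address | ensure_list %}{{ ip.split('/')[0] }}{% if ip | ansible.utils.ipv4 %}/32{% else %}/128{% endif %}{% if not loop.last %}, {% endif %}{% endfor %}{% for net in wg_peer.AllowedIPs | ensure_list %}, {{ net }}{% endfor %}
+AllowedIPs = {% for ip in wg_peer.Address | ensure_list | unique_list %}{{ ip.split('/')[0] }}{% if ip | ansible.utils.ipv4 %}/32{% else %}/128{% endif %}{% if not loop.last %}, {% endif %}{% endfor %}{% for net in wg_peer.AllowedIPs | ensure_list %}, {{ net }}{% endfor %}
 
 {% if wg_peer.Endpoint and (wg_peer.ListenPort == defaults_local.ListenPort and 'ListenPort' in topology) %}
 Endpoint = {{ wg_peer.Endpoint }}:{{ topology.ListenPort }}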
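Review bot: `unique_list` is applied to the raw `wg_peer.Address` strings before `ip.split('/')[0]` strips the prefix, so two entries that differ only in prefix length (constructed example: `10.0.0.1/24` and `10.0.0.1/32`) still render the same `/32` entry twice. The second loop over `wg_peer.AllowedIPs | ensure_list` on the same line is left unfiltered, and nothing removes an entry that appears in both lists. If the goal is a duplicate-free AllowedIPs line, deduplicate after normalisation, for instance by collecting the rendered host entries and the `AllowedIPs` networks into one list and joining its unique members. The result should then also be kept in a stable order so the peer's allowed ranges can be compared between runs.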

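--- a/templates/etc/wireguard/inc/routing.conf.j2
+++ b/templates/etc/wireguard/inc/routing.conf.j2
@@ -1,5 +1,5 @@
 {# custom implementation of auto-added routes for topologies where a gateway is needed #}
-{% for net in wg_peer.AllowedIPs | ensure_list %}
+{% for net in wg_peer.AllowedIPs | ensure_list | unique_list %}
 {% for gw in wg_peer.Address | ensure_list %}
 {% if gw.split('/')[0] != net.split('/')[0] %}
 {% if gw | ansible.utils.ipv4 and net | ansible.utils.ipv4 %}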
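Review bot: The inner loop `{% for gw in wg_peer.Address | ensure_list %}` is left without `unique_list`, although `peer.conf.j2` in the same commit deduplicates `wg_peer.Address`; a repeated Address entry would presumably still repeat whatever the loop body emits per gateway. For consistency consider `{% for gw in wg_peer.Address | ensure_list | unique_list %}`. The loop bodies continue outside the hunk, so the effect on the generated routes cannot be confirmed from here.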
