[NetDev]
Name=dn42{{ item['remotename'] }}
Kind=wireguard
Description=DN42 peering with AS{{ item.asn }} @ {% if item.remotehost is defined %}{{ item.remotehost }}[{{ item.remoteip }}]:{{ item.remoteport }}{% else %}[{{ item.remoteip }}]:{{ item.remoteport }}{% endif %}
{% if mtu is defined %}
MTUBytes={{ mtu }}
{% endif %}

[WireGuard]
{% if item.keypath is defined %}
PrivateKeyFile={{ item.keypath }}
{% else %}
PrivateKeyFile=/etc/systemd/network/wg.key
{% endif %}
{% if item['localport'] is defined %}
ListenPort={{ item['localport'] }}
{% endif %}

[WireGuardPeer]
{% if item['remotehost'] is defined %}
# {{ item['remotehost'] }}
{% endif %}
{% if item['remoteip'] is defined %}
Endpoint={{ item['remoteip'] }}:{{ item['remoteport'] }}
{% endif %}
PublicKey={{ item['publickey'] }}
PersistentKeepalive=15
AllowedIPs=fe80::/64 fd00::/8 172.20.0.0/14 172.31.0.0/16 10.0.0.0/8
{% if item.pskpath is defined %}
PresharedKeyFile={{ item.pskpath }}
{% endif %}