salt/wireguard: add routes to endpoints

salt/wireguard/init.sls

@@ -4,6 +4,15 @@ wireguard-tools:
 /etc/systemd/system/wireguard@.service:
   file.managed:
     - source: salt://wireguard/wireguard.service
+    - template: 'jinja'
+    - context:
+        gateway: {{ pillar['hosts-inet']['core']['upstream2']
+        endpoints:
+{%- for instance, conf in pillar['wireguard-instances'].items() %}
+  {%- for peer in conf['peers'] %}
+          - {{ peer['endpoint'] }}
+  {%- endfor %}
+{%- endfor %}
 
 {%- for instance, conf in pillar['wireguard-instances'].items() %}
 /etc/wireguard/{{ instance }}.conf:

salt/wireguard/wireguard.service

@@ -4,6 +4,9 @@ PartOf=wireguard.service
 
 [Service]
 Type=oneshot
+{%- for endpoint in endpoints %}
+ExecStart=-/bin/ip route add {{ endpoint }} via {{ gateway }}
+{%- endfor %}
 ExecStart=/usr/bin/wg-quick up /etc/wireguard/%i.conf
 ExecStop=/usr/bin/wg-quick down /etc/wireguard/%i.conf
 RemainAfterExit=true