| Field | Type | Description | Value(s) |
|---|---|---|---|
| name | string | Name of the Wireguard link (interface). | |
| privateKey | string | Specifies a private key configuration (base64 encoded). Can be generated by wg genkey. | |
| listenPort | int | Specifies a device’s listening port (UDP). If not specified, a random port will be chosen. | |
| firewallMark | int | Specifies a device’s firewall mark. Useful for advanced routing setups, marking packets originating from this device. | |
| peers | WireguardPeer | Specifies a list of peer configurations to apply to a device. | |
| up | bool | Bring the link up or down. If not specified, the link will be brought up. | |
| mtu | uint32 | Configure LinkMTU (Maximum Transmission Unit) for the link. If not specified, the system default LinkMTU will be used (usually 1500). | |
| addresses | AddressConfig | Configure addresses to be statically assigned to the link. | |
| routes | RouteConfig | Configure routes to be statically created via the link. | |
| multicast | bool | Set the multicast capability of the link. | |

peers[]

WireguardPeer describes a Wireguard peer configuration.

| Field | Type | Description | Value(s) |
|---|---|---|---|
| publicKey | string | Specifies the public key of this peer. Can be extracted from the private key by running wg pubkey < private.key. | |
| presharedKey | string | Specifies the preshared key for this peer (base64 encoded). Can be generated by wg genpsk. Optional; this key provides an additional layer of symmetric-key cryptography to the peer connection. | |
| endpoint | AddrPort | Specifies the endpoint of this peer entry. Format: IP address:port. If not set, the peer should connect to us without us connecting to it first. | |
| persistentKeepaliveInterval | Duration | Specifies the persistent keepalive interval for this peer. Field format accepts any Go time.Duration format (‘1h’ for one hour, ‘10m’ for ten minutes). | |
| allowedIPs | []Prefix | AllowedIPs specifies a list of allowed IP addresses in CIDR notation for this peer. These IPs are routed to this peer and define which IPs this peer is allowed to use. | |
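
A pre-apply lint for the peers[] entries above, as an added example (not Talos code): it parses each field as the Go type the table names and flags a prefix listed under two peers, since a prefix can only be routed to one of them. The `Peer` struct, `isKey` and `LintPeers` are hypothetical names, the sample values are constructed, and the 32-byte key length is WireGuard's key size rather than something this page states.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"net/netip"
	"time"
)

// Peer mirrors the WireguardPeer fields documented above (hypothetical struct).
type Peer struct {
	PublicKey, PresharedKey, Endpoint, Keepalive string
	AllowedIPs                                   []string
}
// isKey reports whether s is base64 for exactly 32 bytes (assumed WireGuard key size).
func isKey(s string) bool {
	b, err := base64.StdEncoding.DecodeString(s)
	return err == nil && len(b) == 32
}
// LintPeers parses each field as its documented type and returns the findings.
func LintPeers(peers []Peer) (out []string) {
	owner := map[netip.Prefix]int{} // masked prefix -> index of the first peer listing it
	add := func(i int, f string, a ...any) { out = append(out, fmt.Sprintf("peer %d: ", i)+fmt.Sprintf(f, a...)) }
	for i, p := range peers {
		if !isKey(p.PublicKey) || (p.PresharedKey != "" && !isKey(p.PresharedKey)) {
			add(i, "publicKey/presharedKey must be base64 of 32 bytes")
		}
		if _, err := netip.ParseAddrPort(p.Endpoint); p.Endpoint != "" && err != nil {
			add(i, "endpoint %q is not IP:port", p.Endpoint)
		}
		if _, err := time.ParseDuration(p.Keepalive); p.Keepalive != "" && err != nil {
			add(i, "persistentKeepaliveInterval %q is not a Go duration", p.Keepalive)
		}
		for _, s := range p.AllowedIPs {
			pfx, err := netip.ParsePrefix(s)
			if err != nil {
				add(i, "allowedIPs %q is not a CIDR prefix", s)
			} else if j, dup := owner[pfx.Masked()]; dup && j != i {
				add(i, "allowedIPs %s is also listed on peer %d", pfx.Masked(), j)
			} else {
				owner[pfx.Masked()] = i
			}
		}
	}
	return out
}

func main() { // constructed sample: truncated key, hostname endpoint, prefix without a length
	fmt.Println(LintPeers([]Peer{{PublicKey: "abc", Endpoint: "vpn.example:51820", AllowedIPs: []string{"10.8.0.7"}}}))
}
```

An empty result means every peer field parsed as its documented type and no prefix is claimed by two peers.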

addresses[]

AddressConfig represents a network address configuration.

| Field | Type | Description | Value(s) |
|---|---|---|---|
| address | Prefix | IP address to be assigned to the link. This field must include the network prefix length (e.g. /24 for IPv4, /64 for IPv6). | |
| routePriority | uint32 | Configure the route priority (metric) for routes created for this address. If not specified, the system default route priority will be used. | |

routes[]

RouteConfig represents a network route configuration.

| Field | Type | Description | Value(s) |
|---|---|---|---|
| destination | Prefix | The route’s destination as an address prefix. If not specified, a default route will be created for the address family of the gateway. | |
| gateway | Addr | The route’s gateway (if empty, creates link scope route). | |
| source | Addr | The route’s source address (optional). | |
| metric | uint32 | The optional metric for the route. | |
| mtu | uint32 | The optional MTU for the route. | |
| table | RoutingTable | The routing table to use for the route. If not specified, the main routing table will be used. | |