adc/ansible/roles/home-net/templates/main.yml

[Interface]
PrivateKey = {{ wireguard_clients[3]['privkey'] }}
Address = {{ wireguard_vpn_network | ipsubnet(32, wireguard_clients[3]['offset']) }}

PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
PublicKey = {{ wireguard_server_pubkey }}
Endpoint = vpn.awful.club:51820
AllowedIPs = 10.200.219.0/24
Move to wg portal setup on larva. - add parent play for configuring the rpi - add dedicated rpi.yml to configure the base - copy over templates, handlers from the wg play - import the rpi.yml in main.yml 2020-11-15 19:37:58 +00:00			`[Interface]`
			`PrivateKey = {{ wireguard_clients[3]['privkey'] }}`
			`Address = {{ wireguard_vpn_network \| ipsubnet(32, wireguard_clients[3]['offset']) }}`

			`PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE`
			`PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE`

			`[Peer]`
			`PublicKey = {{ wireguard_server_pubkey }}`
			`Endpoint = vpn.awful.club:51820`
			`AllowedIPs = 10.200.219.0/24`