adc/ansible/roles/home-net/templates/wg0.conf

[Interface]
PrivateKey = {{ wireguard_clients[3]['privkey'] }}
Address = {{ wireguard_vpn_network | ipsubnet(32, wireguard_clients[3]['offset']) }}

PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
PublicKey = {{ wireguard_server_pubkey }}
Endpoint = vpn.awful.club:51820
AllowedIPs = 10.200.219.0/24