ansible/group_vars/all/wg.yml

---

wg_dns: "10.0.0.1"

wg_peers:

  caladan:
    endpoint: monotremata.xyz
    address: "10.1.0.2/24"
    allowed_ips: "10.1.0.2/32"
    private_key: "{{ vault_wg_peers.caladan.private_key }}"
    public_key: "{{ vault_wg_peers.caladan.public_key }}"

  fugu:
    endpoint: mail.monotremata.xyz
    address: "10.1.0.3/24"
    allowed_ips: "10.1.0.3/32"
    private_key: "{{ vault_wg_peers.fugu.private_key }}"
    public_key: "{{ vault_wg_peers.fugu.public_key }}"

  # openwrt is added as a peer but not managed by ansible
  openwrt:
    allowed_ips: "10.0.0.0/8"
    endpoint: wg.monotremata.xyz
    public_key: "{{ vault_wg_peers.openwrt.public_key }}"

wg_preshared_keys:

  caladan_openwrt: "{{ vault_wg_preshared_keys.caladan_openwrt }}"
  caladan_fugu: "{{ vault_wg_preshared_keys.caladan_fugu }}"
  fugu_openwrt: "{{ vault_wg_preshared_keys.fugu_openwrt }}"