---
ansible_host: 10.0.0.1

wireguard_address: "10.0.0.1/24"
wireguard_endpoint: "65.108.221.233"
wireguard_persistent_keepalive: "30"
wireguard_allowed_ips: "10.0.0.0/24"

wireguard_postup:
  - iptables -A FORWARD -o %i -j ACCEPT
  - iptables -A FORWARD -i %i -j ACCEPT
  - iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE

wireguard_postdown:
  - iptables -D FORWARD -i %i -j ACCEPT
  - iptables -D FORWARD -o %i -j ACCEPT
  - iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERADE

wireguard_unmanaged_peers:
  phone:
    public_key: ioG35kDFTtip+Acfq+je9qDHYbZij+J6+Pg3T6Z4N0w=
    allowed_ips: 10.0.0.3/32
    persistent_keepalive: 0
consul_client_addr: "127.0.0.1 10.0.0.1"
consul_bind_address: "10.0.0.1"
consul_ui: False
consul_iface: "wg0"
nomads_bind_addr: "10.0.0.1"
vault_listener_address: 10.0.0.1