--- ansible_host: "192.168.1.42" ansible_python_interpreter: "/usr/bin/python3" default_interface: "enp2s0" consul_iface: "{{ default_interface}}" vault_iface: "{{ default_interface}}" wireguard_address: "10.0.0.7/24" wireguard_byhost_allowed_ips: merlin: 10.0.0.7,192.168.1.42,192.168.1.0/24 corwin: 10.0.0.7,192.168.1.42,192.168.1.0/24 perrsistent_keepalive: "20" wireguard_endpoint: "" wireguard_postup: - iptables -A FORWARD -i wg0 -j ACCEPT - iptables -A FORWARD -o wg0 -j ACCEPT - iptables -t nat -A POSTROUTING -o {{default_interface}} -j MASQUERADE - sysctl -w net.ipv4.ip_forward=1 wireguard_postdown: - iptables -D FORWARD -i wg0 -j ACCEPT - iptables -D FORWARD -o wg0 -j ACCEPT - iptables -t nat -D POSTROUTING -o {default_interface} -j MASQUERADE - sysctl -w net.ipv4.ip_forward=0 partition_table: - device: "/dev/sda" label: gpt settings: - number: 1 part_end: 300MB flags: [boot, esp] fstype: vfat format: yes - number: 2 part_start: 512MB part_end: 1524MB flags: [] fstype: swap format: yes - number: 3 part_start: 1524MB flags: [lvm] fstype: ext4 format: yes #- device: "/dev/sdb" #settings: #- number: 1 #name: home #fstype: ext4 #format: mount_table: - device: "/dev/sda" settings: - number: 3 mountpath: /mnt fstype: ext4 - number: 1 mountpath: /mnt/boot fstype: vfat #need vfat boot partition with esp label provissionning_UEFI_Enable: True