---
ansible_host: "192.168.1.41"
ansible_python_interpreter: "/usr/bin/python3"
default_interface: "enu1u1"
consul_iface: "{{ default_interface }}"
vault_iface:  "{{ default_interface }}"

wireguard_address: "10.0.0.6/24"
wireguard_byhost_allowed_ips:
  merlin: 10.0.0.6,192.168.1.41
  corwin: 10.0.0.6,192.168.1.41
perrsistent_keepalive: "20"
wireguard_endpoint: ""

wireguard_postup:
  - iptables -A FORWARD -i wg0 -j ACCEPT
  - iptables -A FORWARD -o wg0 -j ACCEPT
  - iptables -t nat -A POSTROUTING -o {{ default_interface }} -j MASQUERADE

wireguard_postdown:
  - iptables -D FORWARD -i wg0 -j ACCEPT
  - iptables -D FORWARD -o wg0 -j ACCEPT
  - iptables -t nat -D POSTROUTING -o {{ default_interface }} -j MASQUERADE