VPN setting

roles/wireguard-server/templates/wireguardclient.conf

@@ -0,0 +1,13 @@
+[Interface]
+Address = {{ IP }}/24
+DNS = 192.168.5.5
+#PostUP = wifi-wireguard -e
+#PostDOWN = wifi-wireguard -d
+SaveConfig = false
+ListenPort = 40041
+PrivateKey = {{ priv }}
+
+[Peer]
+PublicKey = {{ wireguard_server_pub }}
+AllowedIPs = 10.0.0.0/24, 192.168.5.0/24, 192.168.6.0/24
+Endpoint = 185.61.86.153:51820

roles/wireguard-server/templates/wireguardserver.conf

@@ -0,0 +1,18 @@
+[Interface]
+PrivateKey = {{ wireguard_server_key }}
+Address=10.0.0.1/24
+PostUp=iptables -A FORWARD -i wireguardserver -o ens18 -j ACCEPT; iptables -A FORWARD -i ens18 -o wireguardserver -j ACCEPT; iptables -t nat -A POSTROUTING -o ens18 -j MASQUERADE;
+PostDown=iptables -D FORWARD -i wireguardserver -o ens18 -j ACCEPT; iptables -D FORWARD -i ens18 -o wireguardserver -j ACCEPT; iptables -t nat -D POSTROUTING -o ens18 -j MASQUERADE;
+ListenPort=51820
+
+[Peer]
+PublicKey = {{ wireguard_ntb_pub }}
+AllowedIPs = 10.0.0.2/32
+
+[Peer]
+PublicKey = {{ wireguard_kate_pub }}
+AllowedIPs = 10.0.0.3/32
+
+[Peer]
+PublicKey = {{ wireguard_tata_pub }}
+AllowedIPs = 10.0.0.4/32