VPN setting

roles/wireguard-server/templates/wireguardserver.conf

@@ -0,0 +1,18 @@
+[Interface]
+PrivateKey = {{ wireguard_server_key }}
+Address=10.0.0.1/24
+PostUp=iptables -A FORWARD -i wireguardserver -o ens18 -j ACCEPT; iptables -A FORWARD -i ens18 -o wireguardserver -j ACCEPT; iptables -t nat -A POSTROUTING -o ens18 -j MASQUERADE;
+PostDown=iptables -D FORWARD -i wireguardserver -o ens18 -j ACCEPT; iptables -D FORWARD -i ens18 -o wireguardserver -j ACCEPT; iptables -t nat -D POSTROUTING -o ens18 -j MASQUERADE;
+ListenPort=51820
+
+[Peer]
+PublicKey = {{ wireguard_ntb_pub }}
+AllowedIPs = 10.0.0.2/32
+
+[Peer]
+PublicKey = {{ wireguard_kate_pub }}
+AllowedIPs = 10.0.0.3/32
+
+[Peer]
+PublicKey = {{ wireguard_tata_pub }}
+AllowedIPs = 10.0.0.4/32