18 lines
498 B
YAML
18 lines
498 B
YAML
wireguard_addresses:
|
|
- "{{ nat_map[inventory_hostname].vpn_ip }}"
|
|
wireguard_endpoint: ""
|
|
|
|
# Don't set this
|
|
# wireguard_dns: 10.0.123.123
|
|
|
|
# Keep the PAT mapping open. Only needed for the client; the server is always
|
|
# reachable
|
|
wireguard_persistent_keepalive: 30
|
|
|
|
# don't route local addresses through the wg tunnel
|
|
wireguard_preup:
|
|
- ip route add 10.0.0.0/16 via 10.0.0.1 dev eth0 proto static onlink
|
|
|
|
wireguard_postdown:
|
|
- ip route del 10.0.0.0/16 via 10.0.0.1 dev eth0 proto static onlink
|