---
ansible_host: "hindley.adh.auro.re"

## Users
users:
  histausse: sudo
  g33kex: sudo
  thomyrock: sudo
  dorian: sudo

## Networking
interfaces:
  enp2s0:
    ipv4: 45.66.110.3
    type: dhcp
  wg0:
    ipv4: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}"
    netmaskv4: "{{ intranet.netmaskv4 }}"
    type: wireguard

ipv4_forwarding: true
ipv6_forwarding: false

lan_address: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}"

## VPN
vpn_interfaces:
  wg0:
    ip: "{{ interfaces.wg0.ipv4 }}"
    private_key: "{{ vpn_key }}"
    public_key: "Ce48/ZdvpI2S82bIivhiWHQsyidzTAtxCnEYojY3xEA="
    keepalive: false
    peers:
    - public_key: "jvjOCj5xVTLwyQ8o7QsYvF2ep1HbD/GKnmjpqJuztB8="
      allowed_ips:
        - "{{ intranet.subnets.physical.subnets.router_hellman.ipv4 }}/{{ intranet.subnets.physical.subnets.router_hellman.netmaskv4  }}"
        - "{{ intranet.subnets.guest_hellman.ipv4 }}/{{ intranet.subnets.guest_hellman.netmaskv4 }}"
      comment: "Router hosted on Hellman"
    - public_key: "{{ vpn_guest_keys.knuth }}"
      allowed_ips: 
        - "{{ intranet.subnets.guest.subnets.knuth.ipv4 }}/{{ intranet.subnets.guest.subnets.knuth.netmaskv4 }}"
      comment: "Client laptop: knuth"
    - public_key: "{{ hostvars['sulfur'].vpn_interfaces.wg0.public_key }}"
      allowed_ips: 
        - "{{ hostvars['sulfur'].vpn_interfaces.wg0.ip }}/32"
      comment: "matrix VM, hosted on g33kex's server"
    - public_key: "{{ hostvars['technetium'].vpn_interfaces.wg0.public_key }}"
      allowed_ips:
        - "{{ hostvars['technetium'].vpn_interfaces.wg0.ip }}/32"
      comment: "test VM"

# apt proxy
proxy_apt_interfaces:
  - "{{ interfaces['wg0'].ipv4 }}"