ansible/host_vars/vpn-ng.adm.auro.re.yml

---
wireguard_endpoints:
  - name: ovh
    addrs:
      - 10.132.0.252/16
    listen_port: 5412
    private_key: "{{ vault_wireguard_secrets.gs_ovh.private }}"
    peers:
      - public_key: "{{ vault_wireguard_secrets.ovh_gs.public }}"
        allowed_addrs:
          - 10.132.0.0/16

nftables_basic_input_rules:
  - proto: tcp
    port: 22
    verdict: accept 
  - proto: udp
    port: 5412
    verdict: accept
...
Configure Wireguard endpoints for vpn(-ovh)?-ng 2021-02-20 17:05:10 +01:00			`---`
			`wireguard_endpoints:`
			`- name: ovh`
			`addrs:`
			`- 10.132.0.252/16`
			`listen_port: 5412`
			`private_key: "{{ vault_wireguard_secrets.gs_ovh.private }}"`
			`peers:`
			`- public_key: "{{ vault_wireguard_secrets.ovh_gs.public }}"`
			`allowed_addrs:`
			`- 10.132.0.0/16`

			`nftables_basic_input_rules:`
			`- proto: tcp`
			`port: 22`
			`verdict: accept`
			`- proto: udp`
			`port: 5412`
			`verdict: accept`
			`...`