Configure endpoints + "point-to-point" network

host_vars/vpn-ng.adm.auro.re.yml

@@ -2,13 +2,17 @@
 wireguard_endpoints:
   - name: ovh
     addrs:
-      - 10.132.0.252/16
+      - 192.168.0.1/24
     listen_port: 5412
     private_key: "{{ vault_wireguard_secrets.gs_ovh.private }}"
     peers:
       - public_key: "{{ vault_wireguard_secrets.ovh_gs.public }}"
         allowed_addrs:
+          - 192.168.0.0/24
+          - 10.128.0.0/16
           - 10.132.0.0/16
+        keepalive: 30
+        endpoint: 92.222.211.198:5412
 
 nftables_basic_input_rules:
   - proto: tcp

host_vars/vpn-ovh-ng.auro.re.yml

@@ -2,13 +2,16 @@
 wireguard_endpoints:
   - name: gs
     addrs:
-      - 10.128.0.225/16
+      - 192.168.0.2/24
     listen_port: 5412
     private_key: "{{ vault_wireguard_secrets.ovh_gs.private }}"
     peers:
       - public_key: "{{ vault_wireguard_secrets.gs_ovh.public }}"
         allowed_addrs:
+          - 192.168.0.0/24
           - 10.128.0.0/16
+          - 10.132.0.0/16
+        keepalive: 30
 
 nftables_basic_input_rules:
   - proto: tcp