[Interface]
PrivateKey = {{ wireguard_private_key }}
#Address = 10.0.0.1/24
DNS = {{ vpn_network }}.1
SaveConfig = true
ListenPort = {{ wireguard_port }}
PostUp     = firewall-cmd --add-port {{ wireguard_port }}/udp && firewall-cmd --add-masquerade
PostDown   = firewall-cmd --remove-port {{ wireguard_port }}/udp && firewall-cmd --remove-masquerade

[Peer]
PublicKey = {{ public_key_files.results[0].stdout }}
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = {{ ansible_default_ipv4.address }}:{{ vpn_port }}
PersistentKeepalive = 20