27 lines
983 B
YAML
27 lines
983 B
YAML
|
---
|
||
|
|
# The LOCAL directory where the Wireguard certificate is stored after it was
|
||
|
|
# generated. By default this will expand to user's LOCAL ${HOME}
|
||
|
|
# (the user that run's "ansible-playbook" command) plus
|
||
|
|
# "/wireguard/certs". That means if the user's ${HOME} directory is e.g.
|
||
|
|
# "/home/da_user" then "wireguard_cert_directory" will have a value of
|
||
|
|
# "/home/da_user/wireguard/certs". If you change this make sure that
|
||
|
|
# the parent directory is writable by the user that runs "ansible-playbook"
|
||
|
|
# command.
|
||
|
|
wireguard_cert_directory: "{{ '~/wireguard/certs' | expanduser }}"
|
||
|
|
|
||
|
|
# Directory to store Wireguard configuration on the remote hosts
|
||
|
|
wireguard_remote_directory: "/etc/wireguard"
|
||
|
|
|
||
|
|
# The port Wireguard will listen on.
|
||
|
|
wireguard_port: "51820"
|
||
|
|
|
||
|
|
# The interface name that wireguard should use.
|
||
|
|
wireguard_interface: "wg0"
|
||
|
|
|
||
|
|
wireguard_server_conf: |
|
||
|
|
[Interface]
|
||
|
|
PrivateKey = {{wg_server_privatekey }}
|
||
|
|
Address = {{wireguard_ip}}
|
||
|
|
ListenPort = {{wireguard_port}}
|
||
|
|
SaveConfig = true
|