# Play: apply the wireguard2 role to three hosts and configure the WireGuard
# interface vs0. Everything under the role entry is passed as role parameters;
# how the role consumes them is not visible in this file.
- hosts:
    - arius
    - akili
    - birgitte
  roles:
    - role: wireguard2
      wireguard_if: vs0
      wireguard_listen_port: 45364
      # This host's own tunnel address, looked up in `networks` by the gathered
      # short-hostname fact.
      # NOTE(review): the lookup is undefined if ansible_hostname is not a key
      # of `networks` (e.g. the fact differs from the inventory name) - confirm
      # the names match on every targeted host.
      wireguard_address4: "{{ networks[ansible_hostname].address }}"

      # Per-node addressing table referenced by the templates below:
      #   address - the node's tunnel address in CIDR form (192.168.137.x/24)
      #   network - base address of the subnet associated with that node
      #   prefix  - prefix length that goes with `network`
      networks:
        vimscore-1:
          address: 192.168.137.1/24
          network: 10.137.1.0
          prefix: 24
        vimscore-2:
          address: 192.168.137.2/24
          network: 10.137.2.0
          prefix: 24
        vimscore-3:
          address: 192.168.137.3/24
          network: 10.137.3.0
          prefix: 24
        arius:
          address: 192.168.137.103/24
          network: 10.137.103.0
          prefix: 24
        akili:
          address: 192.168.137.104/24
          network: 10.137.104.0
          prefix: 24
        birgitte:
          address: 192.168.137.105/24
          network: 10.137.105.0
          prefix: 24

      # One entry per node: `network` renders to "<network>/<prefix>" and
      # `gateway` to that node's tunnel address. `state` renders to 'absent'
      # for the entry that names the current host and 'present' otherwise.
      # NOTE(review): `gateway` is rendered with the /24 suffix still attached
      # (no ipaddr('address') filter here, unlike allowed_ips below) - confirm
      # the role expects CIDR form for the gateway.
      # NOTE(review): this play only targets arius, akili and birgitte, so the
      # vimscore-* entries presumably always render 'present' here.
      wireguard_routers:
        - gateway: "{{ networks['vimscore-1'].address }}"
          network: "{{ networks['vimscore-1'].network }}/{{ networks['vimscore-1'].prefix }}"
          state: "{{ 'absent' if ansible_hostname == 'vimscore-1' else 'present' }}"
        - gateway: "{{ networks['vimscore-2'].address }}"
          network: "{{ networks['vimscore-2'].network }}/{{ networks['vimscore-2'].prefix }}"
          state: "{{ 'absent' if ansible_hostname == 'vimscore-2' else 'present' }}"
        - gateway: "{{ networks['vimscore-3'].address }}"
          network: "{{ networks['vimscore-3'].network }}/{{ networks['vimscore-3'].prefix }}"
          state: "{{ 'absent' if ansible_hostname == 'vimscore-3' else 'present' }}"
        - gateway: "{{ networks['arius'].address }}"
          network: "{{ networks['arius'].network }}/{{ networks['arius'].prefix }}"
          state: "{{ 'absent' if ansible_hostname == 'arius' else 'present' }}"
        - gateway: "{{ networks['akili'].address }}"
          network: "{{ networks['akili'].network }}/{{ networks['akili'].prefix }}"
          state: "{{ 'absent' if ansible_hostname == 'akili' else 'present' }}"
        - gateway: "{{ networks['birgitte'].address }}"
          network: "{{ networks['birgitte'].network }}/{{ networks['birgitte'].prefix }}"
          state: "{{ 'absent' if ansible_hostname == 'birgitte' else 'present' }}"

      # The peers' public keys are in plays/files/wireguard/vs0
      # NOTE(review): only public keys are referenced from this file; confirm
      # that private keys are generated on-host or kept in a vault and are not
      # committed next to them.
      #
      # Each peer gets two allowed_ips entries: its tunnel address as a /32
      # (ipaddr('address') strips the prefix length) and its own
      # "<network>/<prefix>". Assuming the role maps these to WireGuard
      # AllowedIPs, they are both the routing selector for outbound packets
      # and the source-address filter for packets received from that peer, so
      # each key is confined to its own ranges. Keep the ranges
      # non-overlapping and no wider than needed when adding peers.
      #
      # NOTE(review): the map also contains the three hosts this play targets,
      # so every host lists itself; presumably the role skips the local host -
      # confirm.
      wireguard_peers:
        vimscore-1:
          endpoint: vimscore-1.vimscore.com
          allowed_ips:
            - "{{ networks['vimscore-1'].address | ipaddr('address') }}/32"
            - "{{ networks['vimscore-1'].network }}/{{ networks['vimscore-1'].prefix }}"
        vimscore-2:
          endpoint: vimscore-2.vimscore.com
          allowed_ips:
            - "{{ networks['vimscore-2'].address | ipaddr('address') }}/32"
            - "{{ networks['vimscore-2'].network }}/{{ networks['vimscore-2'].prefix }}"
        vimscore-3:
          endpoint: vimscore-3.vimscore.com
          allowed_ips:
            - "{{ networks['vimscore-3'].address | ipaddr('address') }}/32"
            - "{{ networks['vimscore-3'].network }}/{{ networks['vimscore-3'].prefix }}"
        # The remaining peers have no `endpoint`.
        # NOTE(review): presumably they have no fixed public address and must
        # initiate the tunnel themselves - confirm.
        arius:
          allowed_ips:
            - "{{ networks['arius'].address | ipaddr('address') }}/32"
            - "{{ networks['arius'].network }}/{{ networks['arius'].prefix }}"
        akili:
          allowed_ips:
            - "{{ networks['akili'].address | ipaddr('address') }}/32"
            - "{{ networks['akili'].network }}/{{ networks['akili'].prefix }}"
        birgitte:
          allowed_ips:
            - "{{ networks['birgitte'].address | ipaddr('address') }}/32"
            - "{{ networks['birgitte'].network }}/{{ networks['birgitte'].prefix }}"