# wireguard client configuration ~~ /etc/wireguard/*.conf
# managed by Ansible
{% set host_keys = lookup("file", wg_host_keys).splitlines() %}
{% set dcontroller_keys = lookup("file", wg_dcontroller_keys).splitlines() %}

[Interface]
Address = {{ ip.in }}, fd00:10:10::{{ ip.in.split(".")[3] }}
PrivateKey = {{ host_keys[0] }}

[Peer]
PublicKey = {{ dcontroller_keys[1] }}
Endpoint = {{ hostvars[global.dcontroller].ip.out }}:53
AllowedIPs = 0.0.0.0/0, ::/0
PersistentKeepalive = 25