# {{ ansible_managed }}

[Interface]
PrivateKey = {{ vpn_server_privkey }}
Address = 10.0.0.1/24
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = {{ proxy_server_vpn_port }}

# Mail Service
[Peer]
PublicKey = {{ mail_service_pubkey }}
AllowedIPs = 10.0.0.2/32
PersistentKeepalive = 25

# Git Service
[Peer]
PublicKey = {{ git_service_pubkey }}
AllowedIPs = 10.0.0.3/32
PersistentKeepalive = 25

# Invidious Service
[Peer]
PublicKey = {{ invidious_service_pubkey }}
AllowedIPs = 10.0.0.9/32
PersistentKeepalive = 25

# Searxng Service
[Peer]
PublicKey = {{ searxng_service_pubkey }}
AllowedIPs = 10.0.0.4/32
PersistentKeepalive = 25

# Nextcloud Service
[Peer]
PublicKey = {{ nextcloud_service_pubkey }}
AllowedIPs = 10.0.0.5/32
PersistentKeepalive = 25

# Matrix Service
[Peer]
PublicKey = {{ matrix_service_pubkey }}
AllowedIPs = 10.0.0.6/32
PersistentKeepalive = 25

# Minecraft Service
[Peer]
PublicKey = {{ minecraft_service_pubkey }}
AllowedIPs = 10.0.0.7/32
PersistentKeepalive = 25

# Kimai Service
[Peer]
PublicKey = {{ kimai_service_pubkey }}
AllowedIPs = 10.0.0.8/32
PersistentKeepalive = 25

# Technitium Service
[Peer]
PublicKey = {{ technitium_service_pubkey }}
AllowedIPs = 10.0.0.10/32
PersistentKeepalive = 25

# Penpot Service
[Peer]
PublicKey = {{ penpot_service_pubkey }}
AllowedIPs = 10.0.0.11/32
PersistentKeepalive = 25

# Owncloud Service
[Peer]
PublicKey = {{ owncloud_service_pubkey }}
AllowedIPs = 10.0.0.12/32
PersistentKeepalive = 25

# Connection to backend server for nagios
[Peer]
PublicKey = {{ nagios_backend_pubkey }}
AllowedIPs = 10.0.0.198/32
PersistentKeepalive = 25

# Connection to backend server for cockpit
[Peer]
PublicKey = {{ cockpit_backend_pubkey }}
AllowedIPs = 10.0.0.199/32
PersistentKeepalive = 25

# User Key for Phone/Desktop/Laptop use 
[Peer]
PublicKey = {{ user_pubkey }}
AllowedIPs = 10.0.0.200/32
PersistentKeepalive = 25