Add Infrastructure VPN setup

coreos-config/plays/templates/wg_infra.conf.j2

@@ -0,0 +1,27 @@
+# DO NOT PFUSCH IN THIS FILE!
+# ANSIBLE WILL NOT CARE AND RUIN YOUR DAY!
+# CONSIDER YOUSELF WARNED.
+
+[Interface]
+Address = {{ wg_addr | mandatory }}/32
+MTU = 1280
+SaveConfig = false
+ListenPort = 52000
+PrivateKey = {{ wg_private_key | mandatory }}
+
+{% for node in nodes %}
+{% set hvar=hostvars[node] %}
+# node: {{ hvar.inventory_hostname }}
+[peer]
+PublicKey = {{ hvar.wg_public_key | mandatory }}
+AllowedIPs = {{ hvar.wg_addr | mandatory }}/32
+
+{% if hvar.ansible_default_ipv6 is defined and ansible_default_ipv6 is defined and hvar.ansible_default_ipv6.scope == "global" and ansible_default_ipv6.scope == "global" %}
+Endpoint = [{{ hvar.ansible_default_ipv6.address | mandatory }}]:52000
+{% else %}
+Endpoint = [{{ hvar.ansible_default_ipv4.address | mandatory }}]:52000
+{% endif %}
+{% if hvar.wg_keepalive is defined %}
+PersistentKeepalive = {{ hvar.wg_keepalive }}
+{% endif %}
+{% endfor %}