[Interface]
PrivateKey = {{ lookup('ansible.builtin.ini', 'private_key section=wireguard file=secrets/' + inventory_hostname + '.ini') }}
ListenPort = 51822
Address = {{ dns_wg_ip }}

{% for host in groups['nameservers'] %}
{% if host != inventory_hostname %}
# {{ host }}
[Peer]
Endpoint = {{ hostvars[host].dns_wg_endpoint|default(host) }}:51822
PublicKey = {{ hostvars[host].dns_wg_pubkey }}
AllowedIPs = {{ hostvars[host].dns_wg_ip }}

{% endif %}{% endfor %}