- name: Copy configuration files
  loop:
        - { src: "wireguard.conf.j2", dest: "/etc/wireguard/wg0.conf", mode: '600' }
  template:
        follow: yes
        src: '{{ item.src }}'
        dest: '{{ item.dest }}'
        mode: '{{ item.mode }}'
  notify: Run service actions
  tags:
        - config
        - wireguard
        - vault
- name: Enable forwarding in sysctl
  loop:
          - { name: "net.ipv4.ip_forward", value: "1" }
  sysctl:
        name: "{{ item.name }}"
        value: "{{ item.value }}"
        sysctl_set: yes