ansible-roles/vpn/wireguard/templates/server/IFACE.conf

[Interface]
PrivateKey = {{ vpn_wireguard_interface_private_key }}
ListenPort = {{ vpn_wireguard_port }}
{% for client in vpn_wireguard_clients %}

[Peer]
PublicKey = {{ client.public_key }}
PresharedKey = {{ client.preshared_key }}
{% if 'inet6_subnet' in client %}
AllowedIPs = {{ vpn_wireguard_inet_subnet }}, {{ vpn_wireguard_inet6_subnet }}, {{ client.inet_subnet }}, {{ client.inet6_subnet }}
{% else %}
AllowedIPs = {{ vpn_wireguard_inet_subnet }}, {{ vpn_wireguard_inet6_subnet }}
{% endif %}
{% endfor %}