homeserver-iac/roles/firewall/defaults/main.yml

---
# set these in host/group vars
# these are defaults

# LAN static IP address
local_subnet: 192.168.0.0/24

sshd_port: 2500

bastion_ip: "{{ hostvars[groups['bastion'][0]]['local_ip'] }}"
bastion_vpn_ip: "{{ hostvars[groups['bastion'][0]]['vpn_ip'] }}"