docs(Wireguard): Add documentation

docs/6-network.md

@@ -1,4 +1,38 @@
 # Network
 
-Coming soon !
+Our infrascture may have machines accross multiple locations. We need to ensure that all machines can communicate with each other, even if they are behind a NAT. To allow such configuration, we will be using a VPN, more precisely, Wireguard. This also has the advantage of encrypting all traffic going between nodes.
-// Wireguard
+
+To ease the installation process, the installation is handled by [Jawher Moussa's ansible playbook](https://github.com/jawher/automation-wireguard).
+
+## Configuration
+
+When adding a new host to the inventory, the following entry needs to be added:
+```yaml
+all:
+  hosts:
+    <hostname>:
+      wireguard_ip: <wireguard_ip>
+      [...]
+```
+
+The `wireguard_ip` is the unique IP address the host will use to communicate with other hosts. 
+
+It is also recommended to change the `wireguard_port` in `inventory/*/group_vars/all.yml` to a random port for added obfuscation.
+Lastly, you can modify the `wireguard_mask_bits` to change the size of the subnet, but it is recommended to keep it at 8 for 254 IPs.
+
+### UFW
+
+For added security, UFW can be installed, but isn't enabled by default with these playbooks. To enable it, set the `enable_ufw` variable to `true` in `inventory/*/group_vars/all.yml`.
+
+You will need to read more about the playbook's documentation [here](https://github.com/jawher/automation-wireguard).
+
+## Installation
+
+To install Wireguard on all hosts, run the following commands:
+```bash
+# Select the desired environment
+export ENV=<environment>
+
+# Install Wireguard
+make wg
+```