---
# tasks file for wireguard

- name: Install packages
  ansible.builtin.dnf:
    name: wireguard-tools
  become: true

- name: Include tasks to generate keys for server
  ansible.builtin.include_tasks:
    file: keys.yml
  when: wireguard_server
  vars:
    peer: "{{ inventory_hostname }}"

- name: Include tasks to generate keys for peers
  ansible.builtin.include_tasks:
    file: keys.yml
  when: wireguard_server
  loop: "{{ wireguard_peers }}"
  loop_control:
    label: "{{ peer }}"
  vars:
    peer: "{{ item.name }}"

- name: Deploy interface
  ansible.builtin.template:
    src: wgN.j2
    dest: /etc/wireguard/{{ wireguard_interface_name }}.conf
    owner: root
    group: root
    mode: u=rw,g=r,o=r
  become: true
  notify: Enable and restart service