From edfeb6401af135348ddd38518a27be3e8ec51f6a Mon Sep 17 00:00:00 2001
From: binary <me@rgoncalves.se>
Date: Wed, 17 Mar 2021 20:53:31 +0100
Subject: Make wireguard unreachables/failures free

---
 roles/wireguard/tasks/generate.yml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 roles/wireguard/tasks/generate.yml

(limited to 'roles/wireguard/tasks/generate.yml')

diff --git a/roles/wireguard/tasks/generate.yml b/roles/wireguard/tasks/generate.yml
new file mode 100644
index 0000000..6b91fb2
--- /dev/null
+++ b/roles/wireguard/tasks/generate.yml
@@ -0,0 +1,29 @@
+
+# wireguard ~~ roles/wireguard/tasks/generate.yml
+# generate client configuration
+
+---
+
+- name: check keys on local disk
+  stat:
+    path: "{{ wg_host_keys }}"
+  register: stat_host_keys
+  delegate_to: localhost
+
+- name: generate host keys on local machine
+  shell: |
+    umask 077
+    wg genkey | tee "{{ wg_host_keys }}" | wg pubkey >> "{{ wg_host_keys }}"
+  args:
+    chdir: "{{ wg_dir }}"
+  when: not stat_host_keys.stat.exists or wg_force is defined and wg_force
+  delegate_to: localhost
+
+- name: generate client configuration
+  template:
+    src: host.conf.j2
+    dest: "{{ wg_dir }}/{{ ansible_host }}.conf"
+    mode: "0600"
+  when: ansible_host != global.dcontroller
+  delegate_to: localhost
+
-- 
cgit v1.2.3