# wireguard ~~ roles/wireguard/tasks/generate.yml
# generate client configuration

---

- name: check keys on local disk
  stat:
    path: "{{ wg_host_keys }}"
  register: stat_host_keys
  delegate_to: localhost

- name: generate host keys on local machine
  shell: |
    umask 077
    wg genkey | tee "{{ wg_host_keys }}" | wg pubkey >> "{{ wg_host_keys }}"
  args:
    chdir: "{{ wg_dir }}"
  when: not stat_host_keys.stat.exists or wg_force is defined and wg_force
  delegate_to: localhost

- name: generate client configuration
  template:
    src: host.conf.j2
    dest: "{{ wg_dir }}/{{ ansible_host }}.conf"
    mode: "0600"
  when: ansible_host != global.dcontroller
  delegate_to: localhost