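# wireguard ~~ roles/wireguard/tasks/main.yml
# create keys and configuration for wireguard hosts
---
# All generated artifacts are placed under the inventory directory on the
# machine running the play.
- name: set local directory for wireguard output
  set_fact:
    wg_dir: "{{ inventory_dir }}/files/wireguard"

# Per-host and controller paths derived from wg_dir.
# NOTE(review): the *.keys files presumably hold WireGuard private key
# material (generate.yml is not visible here). Confirm they are written
# with owner-only permissions and that files/wireguard is kept out of
# version control or stored encrypted.
- name: set local config files for wireguard output
  set_fact:
    wg_dcontroller_conf: "{{ wg_dir }}/{{ global.dcontroller }}.conf"
    wg_dcontroller_keys: "{{ wg_dir }}/{{ global.dcontroller }}.keys"
    wg_host_conf: "{{ wg_dir }}/{{ ansible_host }}.conf"
    wg_host_keys: "{{ wg_dir }}/{{ ansible_host }}.keys"

- name: include configuration generation
  include_tasks: generate.yml

- name: include configuration synchronization
  include_tasks: synchronize.yml

# FreeBSD: the service is enabled through two rc.conf entries.
- name: enable wireguard for freebsd
  lineinfile:
    path: /etc/rc.conf
    regexp: "^wireguard_enable"
    line: 'wireguard_enable="YES"'
  when: ansible_distribution == "FreeBSD"

# The comparison string previously read "FreeBSd", which never equals the
# "FreeBSD" value tested by the task above, so this task was always
# skipped and wireguard_interfaces was never written to rc.conf.
- name: enable interface for freebsd
  lineinfile:
    path: /etc/rc.conf
    regexp: "^wireguard_interfaces"
    line: 'wireguard_interfaces="{{ global.dcontroller }}"'
  when: ansible_distribution == "FreeBSD"

# Every other distribution: the rc role is given the wg-quick command line
# that brings up the interface named after global.dcontroller.
# NOTE(review): ignore_errors is kept as in the original, but it lets the
# play report success when the init script was not installed, so a host
# can end up without its tunnel after a reboot. As a task keyword on
# include_role it is expected to cover only the include statement itself,
# not the tasks inside the role - confirm that this is the intent.
- name: generate and enable init script
  include_role:
    name: rc
  vars:
    rc_cmd: "{{ path_wgquick }}"
    rc_args: "up {{ global.dcontroller }}"
    rc_name: wireguard
    rc_user: "{{ user_root }}"
  ignore_errors: true
  when: ansible_distribution != "FreeBSD"

# Server-side setup runs only on the host whose ansible_host equals
# global.dcontroller.
- name: include server setup
  include_tasks: server.yml
  when: ansible_host == global.dcontroller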