# wireguard ~~ roles/wireguard/tasks/main.yml
# create keys and configuration for wireguard hosts

---

- name: generate server configuration
  template:
    src: dcontroller.conf.j2
    dest: "{{ wg_dir }}/{{ ansible_host }}.conf"
    mode: "0600"
  when: ansible_host == global.dcontroller
  delegate_to: localhost

- name: generate server interface
  template:
    src: templates/hostname.j2
    dest: /etc/hostname.tun0

# NOTE: interface destruction and creation exists in the same tasks,
# to avoid being kicked out of the ssh sessions if this one exists
# within the current VPN.
- name: restart wireguard interface
  shell: |
    ifconfig tun0 destroy
    sleep 2
    sh /etc/netstart tun0
  register: result

- name: show debug output
  debug:
    msg: |
      {% for line in result.stdout_lines %}
      "{{ line }}"
      {% endfor %}
      {% for line in result.stderr_lines %}
      "{{ line }}"
      {% endfor %}