path: root/roles/wireguard/tasks/local.yml
---

# Working directory for the generated per-host key files and rendered
# configs. Mode 0700 restricts it to the owning user, which matters because
# the key-generation task writes `wg genkey` output (private keys) here.
- name: create local wireguard directory
  ansible.builtin.file:
    state: directory
    mode: "0700"
    path: "{{ wireguard__local_dir }}"

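# Create "<host>.keys" for every inventory host: line 1 is the private key,
# line 2 the matching public key.
#
# Idempotence is handled by `creates` instead of a sentinel exit status.
# Treating "exit 2" as "changed" is fragile: status 2 is also what shells
# commonly return for their own errors (for example a /bin/sh that rejects
# `set -o pipefail`), so a run that wrote no key could be reported as changed.
#
# The key file is assembled under a temporary name and renamed only once both
# lines are present. A failed run therefore never leaves a partial
# "<host>.keys" behind that later runs would accept as an existing key.
- name: generate hosts keys
  ansible.builtin.shell: |
    set -eu
    # Private key material: everything created below is owner-only (0600).
    umask 077
    tmp="{{ item }}.keys.tmp"
    # Remove the scratch file on any exit; a no-op after the final rename.
    trap 'rm -f "$tmp"' EXIT
    # The private key goes straight to disk and is never held in a shell
    # variable or passed as a command argument.
    wg genkey > "$tmp"
    pub="$(wg pubkey < "$tmp")"
    printf '%s\n' "$pub" >> "$tmp"
    mv "$tmp" "{{ item }}.keys"
  args:
    chdir: "{{ wireguard__local_dir }}"
    # Skip hosts that already have a key file; existing keys are never rotated.
    creates: "{{ wireguard__local_dir }}/{{ item }}.keys"
  loop: "{{ groups.all }}"
  # Kept so later tasks that reference `result` still resolve; rc is now 0
  # both when keys are generated and when they already exist.
  register: result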

# Render one WireGuard configuration per inventory host into the local
# directory, readable by the owner only (0600). The template sees the
# current host's variables as `host`.
# NOTE(review): wireguard.conf.j2 is not visible here; if it embeds the
# private key, a run with --diff would print the rendered content. Consider
# `diff: false` on this task after confirming.
- name: generate wireguard configuration
  ansible.builtin.template:
    dest: "{{ wireguard__local_dir }}/{{ item }}.conf"
    src: wireguard.conf.j2
    mode: "0600"
  loop: "{{ groups.all }}"
  vars:
    host: "{{ hostvars[item] }}"