---
- name: "00: Create Wireguard directory"
  ansible.builtin.file:
    path: "/etc/wireguard"
    state: "directory"

- name: "10: Create Public and Private server keys"
  ansible.builtin.shell:
    cmd: "wg genkey | tee /etc/wireguard/privatekey | wg pubkey | tee /etc/wireguard/publickey"

- name: "20: Modify Private key permissions"
  ansible.builtin.file:
    path: "/etc/wireguard/privatekey"
    mode: '0600'

- name: "30: Set VPN configuration variables"
  ansible.builtin.command: cat /etc/wireguard/privatekey
  register: private_key_cmd

- name: "35: Register the stdout of previous"
  ansible.builtin.set_fact:
    vpn_private_key_content: "{{ private_key_cmd.stdout }}"
    
- name: "40: Create server configuration file"
  ansible.builtin.template:
    src: "templates/wg0.conf.j2"
    dest: "/etc/wireguard/wg0.conf"


- name: "50: Modify Server config file permissions"
  ansible.builtin.file:
    path: "/etc/wireguard/wg0.conf"
    mode: "0600"
  ansible.builtin.file:
    path: "/etc/wireguard/privatekey"
    mode: "0600"


- name: "60: Start the wireguard server"
  ansible.builtin.shell:
    cmd: "wg-quick up wg0"

- name: "70: Enable IP forwarding"
  ansible.builtin.sysctl:
    name: "net.ipv4.ip_forward"
    value: "1"
    sysctl_set: "yes"
    state: "present"
    reload: "yes"