Add role

tasks/wireguard.yml

@@ -0,0 +1,33 @@
+---
+- name: Create wireguard directory
+  file:
+    path: /etc/wireguard
+    state: directory
+    mode: 0700
+
+- name: Generate private key
+  shell: "umask 077 && wg genkey > /etc/wireguard/{{ wireguard_if }}.key"
+  args:
+    creates: "/etc/wireguard/{{ wireguard_if }}.key"
+
+- name: Read private key
+  command: "cat /etc/wireguard/{{ wireguard_if }}.key"
+  register: priv_key
+  changed_when: false
+  check_mode: no
+
+- name: Interface configuration file
+  template:
+    src: wg.conf.j2
+    dest: "/etc/wireguard/{{ wireguard_if }}.conf"
+    mode: 0600
+    owner: root
+    group: root
+  notify: Restart wg-quick service
+
+- name: Wireguard service
+  service:
+    name: "wg-quick@{{ wireguard_if }}.service"
+    state: started
+    enabled: true
+