# wg.yml
---
- hosts: wg
  become: true
  tasks:
    - name: 1. Installe le paquet Wireguard.
      apt: 
        name: wireguard
        state: present

    - name: 2. Installe les outils Wireguard.
      apt:
        name: wireguard-tools
        state: present

- hosts: wg_srv
  become: true
  tasks:
    - name: 3. Envoie le script Wireguard.
      copy:
        src: mkwgconf-p2p.sh
        dest: mkwgconf-p2p.sh

    - name: 4. Exécute le script Wireguard.
      command: bash mkwgconf-p2p.sh

    - name: 5. Copie le fichier de configuration Wireguard C sur cette machine.
      ansible.builtin.fetch:
        src: wg0-mon.conf
        dest: wg0-mon.conf
        flat: yes
    
    - name: 6. Récupère le fichier de conf A.
      ansible.builtin.fetch:
        src: wg0-prod.conf
        dest: wg0-prod.conf
        flat: yes

    - name: 7. Récupère le fichier de conf B.
      ansible.builtin.fetch:
        src: wg0-test.conf
        dest: wg0-test.conf
        flat: yes

- hosts: wg
  become: true
  tasks:
    - name: 8. Envoie le fichier de conf A vers la machine prod.
      copy:
        src: wg0-prod.conf
        dest: /etc/wireguard/wg0.conf
      when: ansible_hostname == "ap31-prod"

    - name: 9. Envoie le fichier de conf B vers la machine test.
      copy:
        src: wg0-test.conf
        dest: /etc/wireguard/wg0.conf
      when: ansible_hostname == "ap31-test"

    - name: 10. Envoie le fichier de conf C vers la machine mon.
      copy:
        src: wg0-mon.conf
        dest: /etc/wireguard/wg0.conf
      when: ansible_hostname == "ap31-mon"

    - name: 11. Active le service Wireguard.
      ansible.builtin.service:
        service: wg-quick@wg0.service
        enabled: true

    - name: 12. Lance le service Wireguard.
      ansible.builtin.service:
        service: wg-quick@wg0.service
        state: restarted