---
- name: WireGuard pour apx31-prod et apx31-test
  hosts:
    - ap31-test
    - ap31-prod
  become: true

  tasks:

    - name: Installer WireGuard
      apt:
        name:
          - wireguard
          - wireguard-tools
        state: present
        update_cache: true

    - name: Copier le script mkwgconf-p2p.sh dans /tmp
      ansible.builtin.copy:
        src: mkwgconf-p2p.sh
        dest: /tmp/mkwgconf-p2p.sh
        mode: '0755'

    - name: Executer le script mkwgconf
      ansible.builtin.shell:
        cmd: cd /tmp && /tmp/mkwgconf-p2p.sh
      when: inventory_hostname == "ap31-test"

    - name: Recupere wg0-a.conf
      ansible.builtin.fetch:
        src: /tmp/wg0-a.conf
        dest: /tmp/
          #        mode: '0600'
        flat: yes
      when: inventory_hostname == "ap31-test"

    - name: Recupere wg0-b.conf
      ansible.builtin.fetch:
        src: /tmp/wg0-b.conf
        dest: /tmp/
          #       mode: '0600'
        flat: yes
      when: inventory_hostname == "ap31-test"

    - name: Renvoi wg0-a.conf
      ansible.builtin.copy:
        src: /tmp/wg0-a.conf
        dest: /etc/wireguard/wg0.conf
          #  mode: '0600'
      when: inventory_hostname == "ap31-test"

    - name: Renvoi  wg0-b.conf
      ansible.builtin.copy:
        src: /tmp/wg0-b.conf
        dest: /etc/wireguard/wg0.conf
          #mode: '0600'
      when: inventory_hostname == "ap31-prod"