---
- hosts: wg
  become: true


  tasks:
  - name: Installation paquets
    apt:
      name: "{{ item }}"
    with_items:
       - wireguard
       - wireguard-tools


- hosts: wg-master
  become: true

  tasks:
  - name: Copie du script mkwgconf-p2p.sh sur ap32-mon
    copy:
      src: mkwgconf-p2p.sh
      dest: mkwgconf-p2p.sh

  - name: Generation des fichiers de conf
    shell: bash mkwgconf-p2p.sh

  - name: Recuperation des fichiers de conf
    ansible.builtin.fetch:
      src: "{{ item }}"
      dest: "{{ item }}"
      flat: yes
    loop:
        - wg0-1.conf
        - wg0-2.conf
        - wg0-3.conf

- hosts: wg
  become: true

  tasks:
  - name: Copie du fichier de conf sur serveur
    copy:
      src: wg0-1.conf
      dest: /etc/wireguard/wg0.conf
    when: ansible_hostname == "ap32-mon"


  - name: Copie du fichier de conf sur le client 1
    copy:
      src: wg0-2.conf
      dest: /etc/wireguard/wg0.conf
    when: ansible_hostname == "ap32-test"

  - name: Copie du fichier de conf sur le client 2
    copy:
      src: wg0-3.conf
      dest: /etc/wireguard/wg0.conf
    when: ansible_hostname == "ap32-prod"

  - name: Activation du service wireguard au demarrage
    ansible.builtin.service:
      name: wg-quick@wg0.service
      enabled: true

  - name: Restart du service wireguard
    ansible.builtin.service:
      name: wg-quick@wg0.service
      state: restarted