---
- hosts: wg
  become: yes
  tasks:
    - name: arrete unattended-upgrades
      service:
        name: unattended-upgrades
        state: stopped

    - name: installe Wireguard
      apt:
        name:
          - wireguard
          - wireguard-tools
        state: present

- hosts: wg_master
  tasks:
    - name: copie le fichier wg0-1.conf et wg0-2.conf vers les machines master et cli
      copy:
        src: mkwgconf.sh
        dest: mkwgconf.sh

    - name: generations fichier configuration wireguard wg0-1.conf etc
      shell: bash mkwgconf.sh

    - name: récupération du fichier wg0-1.conf vers ap33-ans
      fetch:
        src: wg0-1.conf
        dest: wg0-1.conf
        flat: yes

    - name: récupération du fichier wg0-2.conf vers ap33-ans
      fetch:
        src: wg0-2.conf
        dest: wg0-2.conf
        flat: yes

- hosts: wg
  become: yes
  tasks:
    - name: copie fichier  wg0-1 vers les clients
      copy:
        src: wg0-1.conf
        dest: /etc/wireguard/wg0.conf
      when: ansible_hostname == "ap33-mon"

    - name: copie fichier  wg0-2 vers les clients
      copy:
        src: wg0-2.conf
        dest: /etc/wireguard/wg0.conf
      when: ansible_hostname == "ap33-prod"

- hosts: wg
  become: yes
  tasks:
    - name: Activation de wireguard
      service:
        name: wg-quick@wg0.service
        enabled: yes

    - name: Redémarre le wireguard
      service:
        name: wg-quick@wg0.service
        state: restarted