SDIS-29-3.p2/vpn/wp.yml

---
- hosts: ap33-test ap33-prod
  become: yes

  tasks:

    - name: Installer WireGuard
      ansible.builtin.apt:
        pkg:
          - wireguard
          - wireguard-tools
        state: present
        update_cache: yes

    - name: Copier fichier mkwgconf.sh
      ansible.builtin.copy:
        src: mkwgconf.sh
        dest: /tmp/
      when: inventory_hostname == "ap33-test"


    - name: Lancement du script
      ansible.builtin.shell:
        cmd: cd /tmp && bash /tmp/mkwgconf.sh
      when: inventory_hostname == "ap33-test"


    - name: Copier fichier wg.conf dans /etc/wireguard
      ansible.builtin.copy:
        src: /tmp/wg0-a.conf
        dest: /etc/wireguard/wg0.conf
        remote_src: yes
      when: inventory_hostname == "ap33-test"

    - name: Recupère fichier wg0-b.conf
      ansible.builtin.fetch:
        src: /tmp/wg0-b.conf
        dest: wg0-b.conf
        flat: yes
      when: inventory_hostname == "ap33-test"

    - name: Copie fichier wg0-b.conf
      ansible.builtin.copy:
        src: wg0-b.conf
        dest: /etc/wireguard/wg0.conf
      when: inventory_hostname == "ap33-prod"

    - name: Lancer le service WireGuard
      ansible.builtin.systemd:
       name: wg-quick@wg0
       state: restarted

    - name: Active service wireguard
      ansible.builtin.systemd:
        name: wg-quick@wg0
        enabled: yes