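---
# Brings up the `duconet-wg` WireGuard interface on each listed host, saves the
# running configuration with wg-quick, and enables the wg-quick unit at boot.
#
# Inputs (from vars.yaml):
#   ip[<inventory_hostname>].address  - address assigned to the interface (/64)
#   wireguard.listen_port             - UDP port WireGuard listens on
#
# NOTE(review): /etc/wireguard/privatekey is expected to exist already; this
# play does not create it or check its ownership/mode. Confirm it is
# root-owned and not group/world readable.
- name: Configure Wireguard Network Link
  hosts:
    - colors
    - kubernetes
    - truenas
    - nextcloud-aio
    - unifi-external
  become: true
  become_user: root
  become_method: sudo
  vars_files:
    - vars.yaml
  tasks:
    # Read-only probe: a non-zero rc only means the link does not exist yet,
    # so it must count neither as a failure nor as a change.
    - name: Check if duconet-wg exists
      ansible.builtin.command:
        argv:
          - ip
          - link
          - show
          - duconet-wg
      register: link_check
      failed_when: false
      changed_when: false

    - name: Add duconet-wg link
      ansible.builtin.command:
        argv:
          - ip
          - link
          - add
          - dev
          - duconet-wg
          - type
          - wireguard
      when: link_check.rc != 0

    # argv keeps the templated address a single argument that is never parsed
    # by a shell, so an unexpected value in vars.yaml cannot add extra commands.
    - name: Add duconet-wg addresses
      ansible.builtin.command:
        argv:
          - ip
          - address
          - add
          - dev
          - duconet-wg
          - "{{ ip[inventory_hostname].address }}/64"
      when: link_check.rc != 0

    # Runs on every play run; the key is passed by path, so it never appears
    # on the command line or in task output.
    - name: wg set port/key
      ansible.builtin.command:
        argv:
          - wg
          - set
          - duconet-wg
          - listen-port
          - "{{ wireguard.listen_port }}"
          - private-key
          - /etc/wireguard/privatekey

    - name: Set link up
      ansible.builtin.command:
        argv:
          - ip
          - link
          - set
          - up
          - dev
          - duconet-wg

    # The saved config contains the interface private key, so the file is
    # created root-only instead of inheriting the default umask. Preserving
    # the timestamps stops this task reporting a change on every run.
    - name: Touch duconet-wg.conf
      ansible.builtin.file:
        path: /etc/wireguard/duconet-wg.conf
        state: touch
        mode: "0600"
        modification_time: preserve
        access_time: preserve

    - name: save wg config
      ansible.builtin.command:
        argv:
          - wg-quick
          - save
          - duconet-wg

    - name: Enable wg-quick@duconet-wg
      ansible.builtin.systemd_service:
        name: wg-quick@duconet-wg
        enabled: true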