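---
# Play: reconcile the WireGuard peer set on every host in the listed groups.
# Order of operations: drop a retired peer, (re)apply every entry of `peers`,
# drop a second retired peer, then persist the running interface state.
# `wireguard`, `peers` and `ip` are not defined in this file; presumably they
# come from vars.yaml or the inventory.
#
# Hardening relative to a plain `shell:` one-liner:
#   * `command` is used instead of `shell`, so no shell interprets the
#     rendered string; none of these tasks needs pipes, globs or redirects.
#   * every templated value goes through the `quote` filter, so a value
#     containing whitespace or quote characters stays a single argument
#     instead of being split into extra `wg` arguments.
- name: Add wireguard peers to each server
  hosts:
    - colors
    - kubernetes
    - managed
  become: true
  become_user: root
  become_method: sudo
  vars_files:
    - vars.yaml
  tasks:
    # Remove a peer that is no longer wanted, identified by its public key.
    - name: delete unused peers
      command:
        cmd: >-
          wg set {{ wireguard.interface | quote }}
          peer {{ item | quote }} remove
      loop:
        - "CQxNsdPgfzjvOszjn/UZHFdAY3k+D9J+vI8qKUjCYV0="

    # Apply every peer from `peers`. allowed-ips is the peer's IPv6 and IPv4
    # address joined by a comma, looked up in `ip` by the peer's name.
    # `endpoint` is only passed when the peer entry has a non-empty one;
    # default('') keeps an entry without the key from aborting the loop with
    # an undefined-variable error.
    - name: wg set peers
      command:
        cmd: >-
          wg set {{ wireguard.interface | quote }}
          peer {{ item.public_key | quote }}
          allowed-ips
          {{ (ip[item.name].address_ipv6 ~ ',' ~ ip[item.name].address_ipv4) | quote }}
          persistent-keepalive 5
          {% if item.endpoint | default('') %}
          endpoint {{ item.endpoint | quote }}
          {% endif %}
      loop: "{{ peers }}"

    # Second retired key. A failure of this removal is deliberately tolerated
    # and does not stop the play.
    - name: wg delete peers
      command:
        cmd: >-
          wg set {{ wireguard.interface | quote }}
          peer {{ item | quote }} remove
      loop:
        - "9/dBUlO9TGf0H9M3xwPiuIuz6Q/u7fSJVZaUxqAiqi8="
      ignore_errors: true

    # Persist the live interface state so it survives a restart. The saved
    # config includes the interface private key, so the file wg-quick writes
    # must stay readable by root only.
    - name: save wg config
      command:
        cmd: wg-quick save {{ wireguard.interface | quote }}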