From 39579f734778fa7f49ba1fa5dcdf5bb164a93176 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thorben=20G=C3=BCnther?=
Date: Wed, 22 Jun 2022 15:12:27 +0200
Subject: [PATCH] wireguard_desktop: Rename role
Has additional support for internal wireguard config. Use a more meaningful name for the wireguard config files.
---
playbooks/local.yml | 2 +-
roles/wireguard_desktop/tasks/main.yml | 16 ++++++++++++++++
.../templates/wg-internal.conf.j2 | 9 +++++++++
.../templates/wg-vpn.conf.j2} | 0
roles/wireguard_vpn_client/tasks/main.yml | 8 --------
5 files changed, 26 insertions(+), 9 deletions(-)
create mode 100644 roles/wireguard_desktop/tasks/main.yml
create mode 100644 roles/wireguard_desktop/templates/wg-internal.conf.j2
rename roles/{wireguard_vpn_client/templates/wg1.conf.j2 => wireguard_desktop/templates/wg-vpn.conf.j2} (100%)
delete mode 100644 roles/wireguard_vpn_client/tasks/main.yml
diff --git a/playbooks/local.yml b/playbooks/local.yml
index 397281c..b06d9bb 100644
--- a/playbooks/local.yml
+++ b/playbooks/local.yml
@@ -8,4 +8,4 @@
 - { role: ssh }
 - { role: croc }
 - { role: minio_client }
- - { role: wireguard_vpn_client }
+ - { role: wireguard_desktop }
diff --git a/roles/wireguard_desktop/tasks/main.yml b/roles/wireguard_desktop/tasks/main.yml
new file mode 100644
index 0000000..cc4f3a8
--- /dev/null
+++ b/roles/wireguard_desktop/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+- name: Configure wg-vpn
+ ansible.builtin.template:
+ src: wg-vpn.conf.j2
+ dest: /etc/wireguard/wg-vpn.conf
+ owner: root
+ group: root
+ mode: 0600
+
+- name: Configure wg-internal
+ ansible.builtin.template:
+ src: wg-internal.conf.j2
+ dest: /etc/wireguard/wg-internal.conf
+ owner: root
+ group: root
+ mode: 0600
diff --git a/roles/wireguard_desktop/templates/wg-internal.conf.j2 b/roles/wireguard_desktop/templates/wg-internal.conf.j2
new file mode 100644
index 0000000..16cf040
--- /dev/null
+++ b/roles/wireguard_desktop/templates/wg-internal.conf.j2
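Review bot: Both template tasks in roles/wireguard_desktop/tasks/main.yml write key material to disk but leave Ansible's own output unprotected: wg-internal.conf.j2 renders a PrivateKey and a PresharedKey from Vault, and a run with `--diff` would print the rendered file, keys included, to the terminal and to any log or CI capture of the run. Adding `no_log: true` (or at least `diff: false`) to each task keeps the secrets out of that output; wg-vpn.conf.j2 is renamed unchanged and its content is not shown here, so it presumably needs the same. Separately, quoting the mode as `mode: "0600"` avoids relying on YAML's implicit octal parsing.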
@@ -0,0 +1,9 @@
+[Interface]
+Address = 10.0.0.1/24
+PrivateKey = {{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/wireguard/localhost.key:content') | trim }}
+
+[Peer]
+PublicKey = {{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/wireguard/xenrox.net.pub:content') | trim }}
+PresharedKey = {{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/wireguard/localhost.psk:content') | trim }}
+Endpoint = xenrox.net:51820
+AllowedIPs = 10.0.0.2/32
diff --git a/roles/wireguard_vpn_client/templates/wg1.conf.j2 b/roles/wireguard_desktop/templates/wg-vpn.conf.j2
similarity index 100%
rename from roles/wireguard_vpn_client/templates/wg1.conf.j2
rename to roles/wireguard_desktop/templates/wg-vpn.conf.j2
diff --git a/roles/wireguard_vpn_client/tasks/main.yml b/roles/wireguard_vpn_client/tasks/main.yml
deleted file mode 100644
index fb48d97..0000000
--- a/roles/wireguard_vpn_client/tasks/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Configure wireguard
- ansible.builtin.template:
- src: wg1.conf.j2
- dest: /etc/wireguard/wg1.conf
- owner: root
- group: root
- mode: 0600
-- 
2.44.0
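Review bot: The interface identity in wg-internal.conf.j2 is pinned to a single machine: the Vault paths `localhost.key` and `localhost.psk` and `Address = 10.0.0.1/24` are literals, so any second host given this role would come up with the same private key and tunnel address, and the peer could no longer tell the two apart. If the role is meant for more than the one desktop (the role name suggests it might be, but that is an inference), key the secrets on the host, e.g. `'ansible/data/wireguard/' ~ inventory_hostname ~ '.key:content'`, and take the address from a host variable. If it is deliberately single-host, a one-line template comment such as `{# single-host config: key, PSK and address belong to this machine only #}` would record that.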