diff --git a/roles/wireguard/special_client/defaults/main.yml b/roles/wireguard/special_client/defaults/main.yml
new file mode 100644
index 0000000..1e8e8d2
--- /dev/null
+++ b/roles/wireguard/special_client/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+
+# hostname: example.com
+client_private_key: "{{ global_wireguard_private_directory }}/{{ hostname }}"
+client_public_key: "{{ global_wireguard_public_directory }}/{{ hostname }}"
diff --git a/roles/wireguard/special_client/tasks/main.yml b/roles/wireguard/special_client/tasks/main.yml
new file mode 100644
index 0000000..b8216a6
--- /dev/null
+++ b/roles/wireguard/special_client/tasks/main.yml
@@ -0,0 +1,15 @@
+---
+
+- name: Generate private key
+  command: >-
+    /bin/sh -c "/usr/bin/wg genkey > {{ wireguard_client_private_key | quote }}"
+  args:
+    creates: "{{ wireguard_client_private_key }}"
+  register: wireguard_private_key
+  delegate_to: 127.0.0.1
+
+- name: Generate public key
+  command: >-
+    /bin/sh -c "< {{ client_public_key | quote }} /usr/bin/wg pubkey > {{ wireguard_client_private_key | quote }}"
+  when: wireguard_private_key.changed
+  delegate_to: 127.0.0.1