---

- name: Allow wireguard on firewall
  ufw:
    rule: allow
    port: "{{ global_wireguard_port }}"
    proto: udp

- name: Store public key to backbones
  copy:
    src: "{{ global_wireguard_peers_directory }}/{{ inventory_hostname }}"
    dest: "{{ netdev_directory }}/{{ inventory_hostname }}.conf"
    owner: root
    group: root
    mode: "u=rw,g=r,o=r"
  delegate_to: "{{ item }}"
  when: "item != inventory_hostname"
  loop: "{{ groups['wireguard_backbones'] }}"