ansible/roles/wireguard/application/tasks/main.yml

---

- name: Install wireguard using apt
  apt:
    name:
      - wireguard
    state: present
    update_cache: yes

- name: Create wireguard key directory
  file:
    state: directory
    path: "{{ wireguard_key_directory }}"
    owner: root
    group: root
    mode: "u=rwx,g=,o="

- name: Generate key pair
  command: >-
    /bin/sh -c "wg genkey
    | tee {{ wireguard_private_key | quote }}
    | wg pubkey > {{ wireguard_public_key | quote }}"    
  args:
    chdir: "{{ wireguard_key_directory }}"
    creates: "{{ wireguard_public_key }}"

- name: Download wireguard public key
  fetch:
    src: "{{ wireguard_public_key }}"
    dest: "{{ global_wireguard_public_directory }}/{{ ansible_fqdn }}"
    fail_on_missing: yes
    flat: yes
    validate_checksum: yes