- name: Install WireGuard
  apt:
    name: wireguard
    state: present
    update_cache: true

- name: Generate WireGuard keys
  shell: wg genkey | tee privatekey | wg pubkey > publickey
  args:
    chdir: /etc/wireguard/
    creates: /etc/wireguard/privatekey

- name: Grab WireGuard private key for configuration
  slurp:
    src: /etc/wireguard/privatekey
  register: wgkey

- name: Install WireGuard configuration
  template:
    src: wireguard.j2
    dest: /etc/wireguard/wg0.conf
  notify:
    - restart_wireguard

- name: Start WireGuard interface
  service:
    name: wg-quick@wg0
    state: started
    enabled: true