---
- name: Ensure the required directories exist
  file:
    dest: "{{ wireguard_config_path }}/{{ item }}"
    state: directory
    recurse: true
  with_items:
    - private
    - public
  delegate_to: localhost
  become: false

- name: Include tasks for Ubuntu
  include_tasks: ubuntu.yml
  when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
  tags: always

- name: Include tasks for FreeBSD
  include_tasks: freebsd.yml
  when: ansible_distribution == 'FreeBSD'
  tags: always

- name: Generate keys
  import_tasks: keys.yml
  tags: update-users

- name: WireGuard configured
  template:
    src: server.conf.j2
    dest: "{{ config_prefix|default('/') }}etc/wireguard/{{ wireguard_interface }}.conf"
    mode: "0600"
  notify: restart wireguard
  tags: update-users

- name: WireGuard users config generated
  template:
    src: client.conf.j2
    dest: "{{ wireguard_config_path }}/{{ item.1 }}.conf"
    mode: "0600"
  with_indexed_items: "{{ users }}"
  tags: update-users
  delegate_to: localhost
  become: false

- name: WireGuard enabled and started
  service:
    name: "{{ service_name }}"
    state: started
    enabled: true

- meta: flush_handlers