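---
# Configures one point-to-point WireGuard interface for systemd-networkd:
# optionally generates the private key on the host, renders the .netdev and
# .network units, and makes sure systemd-networkd is enabled and running.
# Input: wireguard_p2p_interface (mapping; 'name' is used for every file path,
# an optional 'priv_key' disables on-host key generation).
# The 'restart systemd-networkd' handler is expected to be defined elsewhere.

- name: autogenerate wireguard private key file
  when: "'priv_key' not in wireguard_p2p_interface"
  block:
    - name: generate private key
      vars:
        wireguard_p2p_privkey_path: "/etc/systemd/network/{{ wireguard_p2p_interface.name }}.privkey"
      shell:
        # umask 0027 means the key is never world-readable, not even briefly
        # before the next task sets its final mode and group.
        # The redirect creates the file even when 'wg genkey' fails; without
        # the cleanup an empty key file would satisfy 'creates' on every later
        # run and the key would never be generated. The rm can only hit a file
        # this command just created, because 'creates' skips the task when the
        # file already exists.
        # The path is passed through the quote filter so an interface name
        # containing shell metacharacters cannot alter the command.
        cmd: >-
          umask 0027;
          wg genkey > {{ wireguard_p2p_privkey_path | quote }}
          || { rm -f -- {{ wireguard_p2p_privkey_path | quote }}; exit 1; }
        creates: "{{ wireguard_p2p_privkey_path }}"

    # NOTE(review): only mode and group are enforced here; a pre-existing file
    # keeps whatever owner it already has. Confirm that is intended.
    - name: make sure systemd-netword can read the private key file
      file:
        path: "/etc/systemd/network/{{ wireguard_p2p_interface.name }}.privkey"
        # Quoted so the mode is always read as an octal string.
        mode: '0640'
        group: systemd-network

# Not world-readable: presumably the rendered .netdev can embed the private key
# when 'priv_key' is supplied (template not visible here; confirm).
- name: install wireguard interfaces (netdev)
  template:
    src: systemd.netdev.j2
    dest: "/etc/systemd/network/{{ wireguard_p2p_interface.name }}.netdev"
    mode: '0640'
    group: systemd-network
  notify: restart systemd-networkd

- name: install wireguard interfaces (network)
  template:
    src: systemd.network.j2
    dest: "/etc/systemd/network/{{ wireguard_p2p_interface.name }}.network"
  notify: restart systemd-networkd

- name: make sure systemd-networkd is enabled
  systemd:
    name: systemd-networkd
    enabled: true
    state: started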