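####################
# - Check Variables
####################
# Fail early, before anything is installed or templated, if the inventory
# is missing a value that the wg0 configuration depends on.
- name: "[Play] Check Variables"
  ansible.builtin.assert:
    that:
      - "hosts_wg0 is defined"

- name: "[Host][localhost] Check Variables"
  ansible.builtin.assert:
    that:
      - "hostvars['localhost'].nodes_to_ipv4s_private is defined"

# NOTE(review): the conditions below never reference `item`, so the same
# three variables of the current host are re-checked once per entry in
# hosts_wg0 (and not at all when hosts_wg0 is empty). If the intent was to
# validate every peer's public key and address, the conditions would need
# to go through hostvars[item] - confirm against the templates.
- name: "[Host] Check Variables"
  ansible.builtin.assert:
    that:
      - "wg0_private_key is defined"
      - "wg0_public_key is defined"
      - "wg0_ip is defined"
  with_items: "{{ hosts_wg0 }}"

# One pre-shared key variable is expected per peer, named wg0_psk_<peer>.
# Writing the check as "'wg0_psk_' ~ item is defined" does not work: Jinja2
# applies the `is defined` test to `item` before `~` concatenates, and a
# concatenated string is always "defined" anyway, so the named variable is
# never looked up. Resolve the variable by its computed name instead, so a
# missing or empty PSK stops the play here rather than reaching the
# rendered WireGuard configuration.
- name: "[Special][Inter-Host PSKs] Check Variables"
  ansible.builtin.assert:
    that:
      - >-
        lookup('ansible.builtin.vars', 'wg0_psk_' ~ item, default='')
        | length > 0
    fail_msg: "Pre-shared key variable wg0_psk_{{ item }} is missing or empty"
  with_items: "{{ hosts_wg0 }}"
  when: "item != inventory_hostname"

####################
# - Wireguard
####################
- name: "Install Wireguard Tools"
  ansible.builtin.apt:
    state: "present"
    name: "wireguard"

# 0640 root:systemd-network lets the systemd-network group read the files
# while keeping them from other local users.
# NOTE(review): the templates are not shown here; if 99-wg0.netdev embeds
# wg0_private_key or the PSKs, a run with --diff prints the rendered
# changes. Consider `no_log: true` on that task - confirm.
- name: "systemd-networkd: Install wg0 Device"
  ansible.builtin.template:
    src: "{{ role_path }}/templates/99-wg0.netdev"
    dest: "/etc/systemd/network/99-wg0.netdev"
    owner: "root"
    group: "systemd-network"
    mode: "0640"
  notify: "restart systemd-networkd"

- name: "systemd-networkd: Install wg0 Network"
  ansible.builtin.template:
    src: "{{ role_path }}/templates/99-wg0.network"
    dest: "/etc/systemd/network/99-wg0.network"
    owner: "root"
    group: "systemd-network"
    mode: "0640"
  notify: "restart systemd-networkd"

####################
# - Wireguard - Enable Packet Forwarding
####################
# net.ipv4.ip_forward is host-wide: once set, the kernel forwards IPv4
# between all interfaces, not only wg0.
# NOTE(review): no firewall rules are visible in this file; make sure a
# forward-chain policy limits what may be routed through this host.
- name: "Set net.ipv4.ip_forward = 1"
  ansible.posix.sysctl:
    state: "present"
    name: "net.ipv4.ip_forward"
    value: "1"
    reload: true
  notify: "restart systemd-networkd"

# Run the queued "restart systemd-networkd" handler now instead of at the
# end of the play.
- name: "Run Notified Handlers"
  ansible.builtin.meta: "flush_handlers"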