Update Wireguard to only template for netcup hosts

author: Joe Banks <[email protected]> 2024-07-18 00:53:16 +0100
committer: Joe Banks <[email protected]> 2024-07-19 20:39:08 +0100
commit: f8f041a5bb2e6b749a7264583e5611251e5f36a7 (patch)
tree: 5d2e57a4243757a7cd1fdcd94bf36106ac0ec0e2 /ansible/roles
parent: Split netcup services into separate top-level task in playbook (diff)
2 files changed, 4 insertions, 4 deletions
diff --git a/ansible/roles/wireguard/tasks/main.yml b/ansible/roles/wireguard/tasks/main.yml
index 9dc92dd..4d133fb 100644
--- a/ansible/roles/wireguard/tasks/main.yml
+++ b/ansible/roles/wireguard/tasks/main.yml
@@ -27,10 +27,10 @@
 
 - name: Ensure file permissions for keys set correctly
   file:
-    path: '{{ item }}'
+    path: "{{ item }}"
     owner: root
     group: root
-    mode: '0600'
+    mode: "0600"
   with_items:
     - /etc/wireguard/key.priv
     - /etc/wireguard/key.pub
@@ -55,7 +55,7 @@
   template:
     src: wg0.conf.j2
     dest: /etc/wireguard/wg0.conf
-    mode: '0600'
+    mode: "0600"
     group: root
     owner: root
   notify:
diff --git a/ansible/roles/wireguard/templates/wg0.conf.j2 b/ansible/roles/wireguard/templates/wg0.conf.j2
index 243e3c0..d3bbb56 100644
--- a/ansible/roles/wireguard/templates/wg0.conf.j2
+++ b/ansible/roles/wireguard/templates/wg0.conf.j2
@@ -6,7 +6,7 @@ PrivateKey = {{ wg_priv_key['content'] | b64decode | trim }}
 
 PostUp = ip route add local {{ wireguard_subnet }} dev eth0
 
-{% for host in hostvars.keys() if not host == inventory_hostname %}
+{% for host in groups["netcup"] if not host == inventory_hostname %}
 # Peer config for: {{ host }}
 [Peer]
 AllowedIPs = {{ hostvars[host]['wireguard_subnet'] }}
author	Joe Banks <[email protected]>	2024-07-18 00:53:16 +0100
committer	Joe Banks <[email protected]>	2024-07-19 20:39:08 +0100
commit	f8f041a5bb2e6b749a7264583e5611251e5f36a7 (patch)
tree	5d2e57a4243757a7cd1fdcd94bf36106ac0ec0e2 /ansible/roles
parent	Split netcup services into separate top-level task in playbook (diff)