From f8f041a5bb2e6b749a7264583e5611251e5f36a7 Mon Sep 17 00:00:00 2001
From: Joe Banks <joe@jb3.dev>
Date: Thu, 18 Jul 2024 00:53:16 +0100
Subject: Update Wireguard to only template for netcup hosts

---
 ansible/roles/wireguard/tasks/main.yml        | 6 +++---
 ansible/roles/wireguard/templates/wg0.conf.j2 | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

(limited to 'ansible')

diff --git a/ansible/roles/wireguard/tasks/main.yml b/ansible/roles/wireguard/tasks/main.yml
index 9dc92dd..4d133fb 100644
--- a/ansible/roles/wireguard/tasks/main.yml
+++ b/ansible/roles/wireguard/tasks/main.yml
@@ -27,10 +27,10 @@
 
 - name: Ensure file permissions for keys set correctly
   file:
-    path: '{{ item }}'
+    path: "{{ item }}"
     owner: root
     group: root
-    mode: '0600'
+    mode: "0600"
   with_items:
     - /etc/wireguard/key.priv
     - /etc/wireguard/key.pub
@@ -55,7 +55,7 @@
   template:
     src: wg0.conf.j2
     dest: /etc/wireguard/wg0.conf
-    mode: '0600'
+    mode: "0600"
     group: root
     owner: root
   notify:
diff --git a/ansible/roles/wireguard/templates/wg0.conf.j2 b/ansible/roles/wireguard/templates/wg0.conf.j2
index 243e3c0..d3bbb56 100644
--- a/ansible/roles/wireguard/templates/wg0.conf.j2
+++ b/ansible/roles/wireguard/templates/wg0.conf.j2
@@ -6,7 +6,7 @@ PrivateKey = {{ wg_priv_key['content'] | b64decode | trim }}
 
 PostUp = ip route add local {{ wireguard_subnet }} dev eth0
 
-{% for host in hostvars.keys() if not host == inventory_hostname %}
+{% for host in groups["netcup"] if not host == inventory_hostname %}
 # Peer config for: {{ host }}
 [Peer]
 AllowedIPs = {{ hostvars[host]['wireguard_subnet'] }}
-- 
cgit v1.2.3