Move wireguard clients configuration to home dir

Makes it easier to provision machines
2020-01-19 17:33:14 +00:00 · 2020-01-19 17:33:14 +00:00 · 35605ce0a6
commit 35605ce0a6
parent 9ba8dab836
2 changed files with 8 additions and 7 deletions
--- a/ansible/group_vars/all/user.yml
+++ b/ansible/group_vars/all/user.yml
@ -0,0 +1,2 @@
+user: jake
+home: "/home/{{ user }}"
--- a/ansible/roles/gateway/tasks/wireguard.yml
+++ b/ansible/roles/gateway/tasks/wireguard.yml
@ -51,18 +51,17 @@

 - name: Create wireguard client directory
  file:
-    path: /etc/wireguard/clients
+    path: "{{ home }}/wireguard-clients"
    state: directory
-  become: true
-  become_user: root
+    owner: "{{ user }}"
+    mode: 0700

 - name: Wireguard client configuration
  template:
    src: files/wireguard-client.conf
-    dest: /etc/wireguard/clients/{{ item.key }}.conf
-    backup: yes
-  become: true
-  become_user: root
+    dest: "{{ home }}/wireguard-clients/{{ item.key }}.conf"
+    owner: "{{ user }}"
+    mode: 0600
  loop: "{{ wireguard.clients|dict2items }}"
  loop_control:
    label: "{{ item.key }}"