From 35605ce0a6677bc8509d5cb27988b89570f35647 Mon Sep 17 00:00:00 2001
From: Jake Howard <git@theorangeone.net>
Date: Sun, 19 Jan 2020 17:33:14 +0000
Subject: [PATCH] Move wireguard clients configuration to home dir

Makes it easier to provision machines
---
 ansible/group_vars/all/user.yml           |  2 ++
 ansible/roles/gateway/tasks/wireguard.yml | 13 ++++++-------
 2 files changed, 8 insertions(+), 7 deletions(-)
 create mode 100644 ansible/group_vars/all/user.yml

diff --git a/ansible/group_vars/all/user.yml b/ansible/group_vars/all/user.yml
new file mode 100644
index 0000000..28cc9ed
--- /dev/null
+++ b/ansible/group_vars/all/user.yml
@@ -0,0 +1,2 @@
+user: jake
+home: "/home/{{ user }}"
diff --git a/ansible/roles/gateway/tasks/wireguard.yml b/ansible/roles/gateway/tasks/wireguard.yml
index fb75f1f..61d9206 100644
--- a/ansible/roles/gateway/tasks/wireguard.yml
+++ b/ansible/roles/gateway/tasks/wireguard.yml
@@ -51,18 +51,17 @@
 
 - name: Create wireguard client directory
   file:
-    path: /etc/wireguard/clients
+    path: "{{ home }}/wireguard-clients"
     state: directory
-  become: true
-  become_user: root
+    owner: "{{ user }}"
+    mode: 0700
 
 - name: Wireguard client configuration
   template:
     src: files/wireguard-client.conf
-    dest: /etc/wireguard/clients/{{ item.key }}.conf
-    backup: yes
-  become: true
-  become_user: root
+    dest: "{{ home }}/wireguard-clients/{{ item.key }}.conf"
+    owner: "{{ user }}"
+    mode: 0600
   loop: "{{ wireguard.clients|dict2items }}"
   loop_control:
     label: "{{ item.key }}"