- name: Configure wireguard for wgvpn
  ansible.builtin.template:
    src: templates/wgvpn0.conf.j2
    dest: /etc/wireguard/wgvpn0.conf
    owner: root
    group: root
    mode: u+rw,g-rw,o-rw
  notify: Restart wgvpn

- name: Setup systemd-resolved drop-in config directory
  ansible.builtin.file:
    path: /etc/systemd/resolved.conf.d
    state: directory
    owner: root
    group: root
    mode: u+rw,g+r,o+r

- name: Configure systemd-resolved for wgvpn
  ansible.builtin.copy:
    src: files/wgvpn0.conf
    dest: /etc/systemd/resolved.conf.d/wgvpn0.conf
    owner: root
    group: root
    mode: u+rw,g+r,o+r
  notify: Restart systemd-resolved

- name: Enable wireguard service for wgvpn
  ansible.builtin.service:
    name: wg-quick@wgvpn0
    enabled: yes
    state: started