Use seperate preshared keys for each peer

2021-12-28 12:28:55 +01:00 · 2021-12-28 12:28:55 +01:00 · 603718458d
commit 603718458d
parent 29a6d82b1d
5 changed files with 22 additions and 6 deletions
--- a/tasks/network.yml
+++ b/tasks/network.yml
@ -55,10 +55,16 @@
        src: 'files/wireguard/server.key',
        dest: '{{ vpn_server_key_path }}',
      }
-    - {
-        src: 'files/wireguard/preshared.key',
-        dest: '{{ vpn_preshared_path }}',
-      }
+
+- name: copy wireguard preshared keys
+  become: true
+  copy:
+    src: '{{ item.preshared_key_source_path }}'
+    dest: '{{ item.preshared_key_path }}'
+    owner: root
+    group: systemd-network
+    mode: '0640'
+  loop: '{{ vpn_peers }}'

 - name: restart systemd-networkd
  become: true