From 7e02d120b58eee2b82e77e1ec617a46f9b8c60e1 Mon Sep 17 00:00:00 2001 From: sonny Date: Sat, 1 Mar 2025 20:27:46 +0100 Subject: [PATCH] Applied changes from 63c164a to default Wireguard setup --- tasks/wireguard.yml | 25 ++++++++++--------- .../wireguard/default/mobile.wireguard.j2 | 4 +-- vars/vpn.yml | 1 + 3 files changed, 16 insertions(+), 14 deletions(-) diff --git a/tasks/wireguard.yml b/tasks/wireguard.yml index 577bdaf..91fcc16 100644 --- a/tasks/wireguard.yml +++ b/tasks/wireguard.yml @@ -1,4 +1,4 @@ -- name: Copy wireguard configuration files +- name: Copy Wireguard configuration files become: true ansible.builtin.template: src: '{{ item.src }}' @@ -13,14 +13,7 @@ dest: '/etc/systemd/network/wg0.network' notify: restart systemd-networkd -- name: Copy mobile configuration - ansible.builtin.template: - src: 'templates/network/wireguard/default/mobile.wireguard.j2' - dest: '/tmp/mobile.conf' - mode: '0600' - when: copy_vpn_configurations - -- name: Create wireguard directories +- name: Create Wireguard directories become: true ansible.builtin.file: path: '{{ item | dirname }}' @@ -28,10 +21,9 @@ group: systemd-network mode: '0640' state: directory + recurse: true loop: - '{{ vpn_key_directory }}' - - '{{ vpn_server_key_path }}' - - '{{ vpn_server_public_key_path }}' - name: Copy Wireguard server credentials become: true @@ -63,7 +55,7 @@ dest: '{{ vpn_key_directory }}/private/mobile.key' notify: restart systemd-networkd -- name: Copy wireguard preshared keys +- name: Copy Wireguard preshared keys become: true ansible.builtin.copy: src: '{{ item.value.preshared_key_source_path }}' @@ -73,3 +65,12 @@ mode: '0640' with_dict: '{{ vpn_peers }}' notify: restart systemd-networkd + +- name: Copy Wireguard mobile configuration + become: true + ansible.builtin.template: + src: 'templates/network/wireguard/default/mobile.wireguard.j2' + dest: '/tmp/mobile.conf' + mode: '0600' + owner: '{{ ansible_user_id }}' + when: copy_vpn_configurations 
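Review bot: After the `@@ -28,10 +21,9 @@` hunk the loop in "Create Wireguard directories" holds only `vpn_key_directory`, and because the task's `path` is `'{{ item | dirname }}'` it now manages just the parent of that directory (`/etc/wireguard` with the value in vars/vpn.yml). The `private/` and `public/` subdirectories that the later copy tasks write into are no longer created by this task. `recurse: true` creates nothing; it applies owner, group and mode to everything already under the path, so the numeric `mode: '0640'` lands on directories too and leaves them without the search bit the `systemd-network` group needs to reach the key files. I would keep the two key paths in the loop (or loop over the directories explicitly), drop `recurse`, and use a symbolic mode such as `mode: 'u=rwX,g=rX,o='`. The task starts in the previous hunk and the lines between the two hunks are not visible here.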
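Review bot: The relocated "Copy Wireguard mobile configuration" task in the last hunk renders the mobile peer's `PrivateKey` and `PresharedKey` into the fixed path `/tmp/mobile.conf`, and nothing visible in this file removes it afterwards. `mode: '0600'` limits readers, but a predictable name in a world-writable directory, written with `become: true`, is a poor home for key material, and a run with `--diff` would print the rendered secrets. Consider a destination inside a directory only the user can enter, e.g. `dest: '{{ ansible_user_dir }}/mobile.conf'`, plus `no_log: true` on the task. It is also worth confirming that `ansible_user_id` resolves to the intended account, since the fact reflects whichever user gathered facts and may be root when the play itself runs with become.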
diff --git a/templates/network/wireguard/default/mobile.wireguard.j2 b/templates/network/wireguard/default/mobile.wireguard.j2 index b5d1041..2f9773b 100644 --- a/templates/network/wireguard/default/mobile.wireguard.j2 +++ b/templates/network/wireguard/default/mobile.wireguard.j2 @@ -5,7 +5,7 @@ Address={{ vpn_peers.mobile.ip }}/24 PrivateKey={{ lookup("file", vpn_peers.mobile.private_key_source_path) }} [Peer] -PublicKey={{ lookup("file", vpn_server_public_key_path) }} -PresharedKey={{ lookup("file", vpn_peers.mobile.preshared_key_path) }} +PublicKey={{ lookup("file", vpn_server_public_key_source_path) }} +PresharedKey={{ lookup("file", vpn_peers.mobile.preshared_key_source_path) }} AllowedIPs={{ vpn_listen_address }}/32 Endpoint={{ domain_name }}:{{ vpn_port }} diff --git a/vars/vpn.yml b/vars/vpn.yml index e5ad24f..0e863ee 100644 --- a/vars/vpn.yml +++ b/vars/vpn.yml @@ -8,6 +8,7 @@ vpn_destination_range: '10.0.0.1/32' vpn_key_directory: '/etc/wireguard/keys' vpn_server_public_key_path: '{{ vpn_key_directory }}/public/server.pub' +vpn_server_public_key_source_path: 'files/wireguard/default/server.pub' vpn_server_key_path: '{{ vpn_key_directory }}/private/server.key' copy_vpn_configurations: false
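Review bot: In vars/vpn.yml, `vpn_server_public_key_source_path` now sits next to `vpn_server_public_key_path` with nothing explaining the difference, which is the confusion the template fix in this commit corrects (`lookup("file", …)` reads on the controller, so it needs the source path). A comment above the pair would prevent a repeat: `# *_source_path: file on the Ansible controller (read by lookup / copy src); *_path: destination on the VPN host`. If the private and preshared key sources live in the same `files/wireguard/` tree, which this diff does not show, they should be vault-encrypted rather than committed in clear.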