Role service-fastd-mesh: move peer limit to a separate file which isn't managed by ansible

roles/service-fastd-mesh/files/peer_limit.conf

@@ -0,0 +1 @@
+peer limit 200;

roles/service-fastd-mesh/tasks/main.yml

@@ -60,6 +60,26 @@
   notify: restart fastd mesh instances
   with_dict: "{{ meshes }}"
 
+- name: copy peer_limit.conf if not exist
+  copy:
+    src: peer_limit.conf
+    dest: "/etc/fastd/{{ item.key }}VPN/peer_limit.conf"
+    owner: admin
+    group: admin
+    mode: 0640
+    force: no
+  notify: restart fastd mesh instances
+  with_dict: "{{ meshes }}"
+
+- name: set file attributes for peer_limit.conf
+  file:
+    path: "/etc/fastd/{{ item.key }}VPN/peer_limit.conf"
+    mode: 0640
+    owner: admin
+    group: admin
+  notify: restart fastd mesh instances
+  with_dict: "{{ meshes }}"
+
 - name: write systemd unit fastd-sync-meshkeys.service
   template:
     src: fastd-sync-meshkeys.service.j2

roles/service-fastd-mesh/templates/fastd-mesh.conf.j2

@@ -18,7 +18,7 @@ include "secret.conf";
 mtu 1406;
 
 peer group "vpn_nodes" {
-    peer limit 150;
+    include "peer_limit.conf";
     include peers from "peers";
 {% if item.key == "mz" %}
     include peers from "peers_bingen";