---
- name: create fastd backbone directories
  file:
    path: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}"
    state: directory
    mode: 0755
  loop: "{{ meshes | subelements('fastd.backbone.instances') }}"

- name: create fastd peer backbone directories
  file:
    path: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/peers"
    state: directory
    mode: 0755
    owner: admin
    group: admin
  loop: "{{ meshes | subelements('fastd.backbone.instances') }}"

- name: clone fastd peer backbone repos
  git:
    repo: "{{ item.1.peers.repo }}"
    dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/peers"
    version: "{{ item.1.peers.version }}"
    update: yes
  tags: sync-peers
  notify: reload fastd backbone instances
  loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
  become: false

- name: template fastd backbone config
  template:
    src: fastd-backbone.conf.j2
    dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/fastd.conf"
  notify: restart fastd backbone instances
  loop: "{{ meshes | subelements('fastd.backbone.instances') }}"
  tags: debug

- name: write fastd backbone secret
  template:
    src: fastd-secret.conf.j2
    dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/secret.conf"
  notify: restart fastd backbone instances
  loop: "{{ meshes | subelements('fastd.backbone.instances') }}"

- name: configure systemd unit fastd@
  systemd:
    name: "fastd@{{ item.0.id }}igvpn-{{ item.1.mtu }}"
    enabled: yes
    state: started
  loop: "{{ meshes | subelements('fastd.backbone.instances') }}"