ansible-ffibk/roles/service-fastd-mesh/tasks/main.yml

---
- name: configure systemd unit fastd@
  systemd:
    name: "fastd@{{ item.key }}VPN"
    enabled: yes
  with_dict: "{{ meshes }}"

- name: create fastd directories
  file:
    path: "/etc/fastd/{{ item.key }}VPN"
    state: directory
    mode: 0755
  with_dict: "{{ meshes }}"

- name: create fastd peer mesh directories
  file:
    path: "/etc/fastd/{{ item.key }}VPN/peers"
    state: directory
    mode: 0755
    owner: admin
    group: admin
  with_dict: "{{ meshes }}"

- name: create fastd peer mesh directories for ffbin
  file:
    path: "/etc/fastd/mzVPN/peers_bingen"
    state: directory
    mode: 0755
    owner: admin
    group: admin

- name: clone fastd peer mesh repos
  git:
    repo: "{{ item.value.peers_mesh_repo }}"
    dest: "/etc/fastd/{{ item.key }}VPN/peers"
    version: master
    update: no
  with_dict: "{{ meshes }}"
  become: false

- name: clone fastd peer mesh repo for ffbin
  git:
    repo: https://github.com/freifunk-bingen/peers-ffbin.git
    dest: /etc/fastd/mzVPN/peers_bingen
    version: master
    update: no
  become: false

- name: template fastd mesh config
  template:
    src: fastd-mesh.conf.j2
    dest: "/etc/fastd/{{ item.key }}VPN/fastd.conf"
  notify: restart fastd mesh instances
  with_dict: "{{ meshes }}"

- name: write fastd mesh secret
  template:
    src: fastd-secret.conf.j2
    dest: "/etc/fastd/{{ item.key }}VPN/secret.conf"
  notify: restart fastd mesh instances
  with_dict: "{{ meshes }}"