---
- name: configure tunnel on eae-adp-jump01
  hosts: eae-adp-jump01
  tasks:
    - name: create wgX interface files
      template:
        src: "{{ item }}"
        dest: /etc/
        mode: 0600
      with_fileglob:
        - "templates/hostname.wg*"
      notify:
        - reload interfaces

    - name: create pf.wgX.conf files
      copy:
        src: "{{ item }}"
        dest: /etc/
        mode: 0600
      with_fileglob:
        - "files/pf.wg*.conf"
      notify:
        - reload firewall

    - name: include pf.wgX.conf in pf.include.conf
      lineinfile:
        path: /etc/pf.include.conf
        line: 'include "/etc/{{ item | basename }}"'
      with_fileglob:
        - "files/pf.wg*.conf"
      notify:
        - reload firewall

    - name: create ospfd.conf
      copy:
        src: files/ospfd.conf
        dest: /etc/ospfd.conf
        mode: 0600
        validate: "/usr/sbin/ospfd -n -f %s"
      notify:
        - restart ospfd

    - name: enable ospfd
      service:
        name: ospfd
        state: started
        enabled: yes

  handlers:
    - name: reload firewall
      command: pfctl -vf /etc/pf.conf

    - name: reload interfaces
      command: sh /etc/netstart

    - name: restart ospfd
      service:
        name: ospfd
        state: restarted