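# wireguard_server.yml - Configure WireGuard VPN server
---
# Read the server's private key from /etc/wireguard/privatekey and register
# it as wg_server_private_key (the key text is in .stdout).
- name: Get Private Key [privatekey => var_privatekey]
  # command instead of shell: a plain `cat` needs no shell features.
  ansible.builtin.command: cat privatekey
  args:
    chdir: /etc/wireguard
  register: wg_server_private_key
  # Reading a file never modifies the host, so do not report "changed".
  changed_when: false
  # The registered result contains the private key; keep it out of task
  # output, verbose (-v) runs and callback/log plugins.
  no_log: true

# Render the interface configuration; owner root and mode 0600 keep the
# file unreadable to other local users.
- name: Deploy WireGuard server configuration
  ansible.builtin.template:
    src: templates/wireguard_server.jinja
    dest: "/etc/wireguard/{{ wg_interface }}.conf"
    owner: root
    group: root
    mode: '0600'
  # NOTE(review): the template is not shown here; it presumably embeds
  # wg_server_private_key.stdout, in which case --diff output would print
  # the key. Suppress the diff for this task - confirm against the template.
  diff: false
  notify: Restart WireGuard

# Start the wg-quick unit for the interface and enable it at boot.
- name: Enable and start WireGuard
  ansible.builtin.systemd:
    name: "wg-quick@{{ wg_interface }}"
    state: started
    enabled: true

# Allow inbound UDP traffic to the WireGuard listen port.
- name: Open WireGuard port in firewall
  community.general.ufw:
    rule: allow
    port: "{{ wg_port }}"
    proto: udp
    comment: "WireGuard VPN"
  # Best effort: any failure here is ignored, so a play that finishes green
  # does not prove the rule was applied. Verify the firewall state
  # separately when the port must be reachable.
  ignore_errors: true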