wireguard: Correctif divers

- ajout génération clés wireguard
- activation NAT sur serveur
- activation service systemd wireguard sur serveur aussi

roles/wireguard/tasks/main.yml

@@ -3,6 +3,28 @@
     pkg:
       - wireguard
 
+- name: Generate the client keys
+  local_action:
+    module: shell
+    _raw_params: "wg genkey | tee credentials/wireguard/{{ inventory_hostname }}.private.key | wg pubkey > credentials/wireguard/{{ inventory_hostname }}.public.key"
+    creates: "credentials/wireguard/{{ inventory_hostname }}.private.key"
+  become: no
+
+- name: Get client IP
+  local_action:
+    module: copy
+    content: "{{ wireguard_address }}\n"
+    dest: "credentials/wireguard/{{ inventory_hostname }}.address"
+  become: no
+
+- name: Enable NAT on server
+  sysctl:
+    name: net.ipv4.ip_forward
+    value: '1'
+    sysctl_set: true
+    state: present
+  when: wireguard_config is defined and wireguard_config == "server"
+
 - name: configure wireguard
   template:
     dest="/etc/wireguard/wg0.conf"
@@ -35,4 +57,3 @@
     enabled: true
     masked: false
     state: started
-  when: wireguard_config is not defined or wireguard_config == "client"