From bf7ede48c48f97e10c83425b13bd035b75913469 Mon Sep 17 00:00:00 2001
From: "Antonio J. Delgado"
Date: Thu, 5 Oct 2023 11:05:32 +0300
Subject: [PATCH] remove firewall rule and fix hosts file config
---
 tasks/configure.yml | 53 ++++++++-------------------------------------
 1 file changed, 9 insertions(+), 44 deletions(-)
diff --git a/tasks/configure.yml b/tasks/configure.yml
index b621c94..922d83d 100644
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -47,54 +47,19 @@
 msg: "Remember to add this host '{{ inventory_hostname }}'' public key to the inventory '{{ public_key }}'"
 when: key_generation.changed
-# - name: Ensure cron to ping VPN server exists
-# cron:
-# name: Ping Hiljainen
-# state: absent
-# job: ping -c 3 192.168.2.4 &> /dev/null
-# hour: '1'
-# user: gestor
-
-# - name: Ensure service unit to ping server exists
-# template:
-# src: templates/ping_wg_server.service.j2
-# dest: '/etc/systemd/system/ping_wg_server.service'
-# backup: yes
-
-# - name: Ensure timer unit to ping server exists
-# template:
-# src: templates/ping_wg_server.timer.j2
-# dest: '/etc/systemd/system/ping_wg_server.timer'
-# backup: yes
-
-# - name: Ensure ping systemd service unit is enabled
-# systemd:
-# name: ping_wg_server.service
-# enabled: false
-# daemon_reload: true
-# masked: false
-
-# - name: Ensure ping systemd timer unit is enabled
-# systemd:
-# name: ping_wg_server.timer
-# state: started
-# enabled: false
-# daemon_reload: true
-# masked: false
-
 - name: Get host public IP
 uri:
 url: https://api.ipify.org?format=json
 register: pub_ip
-- name: Allow traffic to server
- ufw:
- rule: allow
- from: "{{ pub_ip.json.ip }}"
- delegate_to: "{{ groups['wireguard_server'][0] }}"
- notify:
- - Restart Wireguard service
- - Ping Wireguard server
+# - name: Allow traffic to server
+# ufw:
+# rule: allow
+# from: "{{ pub_ip.json.ip }}"
+# delegate_to: "{{ groups['wireguard_server'][0] }}"
+# notify:
+# - Restart Wireguard service
+# - Ping Wireguard server
 - name: Configure peers hosts file entry
 lineinfile:
@@ -103,4 +68,4 @@
 line: "{{ item['AllowedIPs'] | regex_replace('/.*$', '')}} {{ item['name'] }}.{{ vpn_domain }}"
 backup: true
 create: true
- loop: "{{ wireguard_peers }}"
+ loop: "{{ groups['wireguard_clients'] }}"
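Review bot: Commenting out the `Allow traffic to server` task stops new rules from being added, but it does not revoke the `allow from <client public IP>` rules that earlier runs already inserted on `groups['wireguard_server'][0]`; those rules carried no port or protocol restriction, so they remain as broad allows for addresses that may since have been reassigned. If the intent is to remove the rule, run the task once more with `delete: true` added under `ufw:` (or clean the server's ruleset by other means), then delete the task outright instead of leaving it commented, as this same commit does for the old ping tasks. The `Get host public IP` task just above is left in place; unless `pub_ip` is read somewhere outside this hunk, it is now an unused outbound call to api.ipify.org on every run and can be removed as well.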
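Review bot: The new `loop: "{{ groups['wireguard_clients'] }}"` iterates over inventory hostnames, which are plain strings, while the unchanged `line:` in the same task still indexes `item['AllowedIPs']` and `item['name']`, so the template will fail to render for every item. The lookups need to go through hostvars, for example `line: "{{ hostvars[item]['AllowedIPs'] | regex_replace('/.*$', '') }} {{ item }}.{{ vpn_domain }}"`, assuming each client host defines `AllowedIPs`; that variable name is a guess from the old dict key. The task's first lines sit outside the hunk and should be checked for the same `item[...]` use.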