From 4aa1aa7beec9cc0494950392f012d70f494ab7ae Mon Sep 17 00:00:00 2001 From: Moses Frost Date: Thu, 9 Aug 2018 07:07:44 -0400 Subject: [PATCH 1/2] The roles/wireguard/templates/client.conf.j2 was not working on Ubuntu 18.04 as a client. While this is not officially supported at this time, it would appear that if you actually switch the spot in which the address shows up and the private key exists, so that address is first and private key is next, then the Ubuntu client will accept it. For those that want to test it, the following will help you test on Ubuntu 18.04 as a client: First set up Wireguard by using the PPA for wireguard and installing it. Next create the wg0 interface by using: sudo ip link add dev wg0. Finally, if you copy the .conf for the wireguard client into /etc/wireguard/wg0.conf you can now perform a sudo wg-quick up wg0 and get full tunnel connectivity. --- roles/wireguard/templates/client.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wireguard/templates/client.conf.j2 b/roles/wireguard/templates/client.conf.j2 index f75f0f43..6b412d3f 100644 --- a/roles/wireguard/templates/client.conf.j2 +++ b/roles/wireguard/templates/client.conf.j2 @@ -1,6 +1,6 @@ [Interface] -PrivateKey = {{ lookup('file', wireguard_config_path + '/private/' + item.1) }} Address = {{ wireguard_network_ipv4['clients_range'] }}.{{ wireguard_network_ipv4['clients_start'] + item.0 + 1 }}/32{% if ipv6_support %},{{ wireguard_network_ipv6['clients_range'] }}{{ wireguard_network_ipv6['clients_start'] + item.0 + 1 }}/{{ wireguard_network_ipv6['prefix'] }} +PrivateKey = {{ lookup('file', wireguard_config_path + '/private/' + item.1) }} {% endif %} DNS = {{ wireguard_dns_servers }} From 208d41a0e1731f54efcc6bcb331a57ad08a76260 Mon Sep 17 00:00:00 2001 
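Review bot: the relocated `+PrivateKey = {{ lookup('file', wireguard_config_path + '/private/' + item.1) }}` line now sits between the `{% if ipv6_support %}` opened on the Address line and the `{% endif %}` that follows it, so whenever ipv6_support is false the rendered client.conf contains no PrivateKey at all and wg-quick cannot bring the tunnel up. If the Address-before-PrivateKey order is wanted, put the line after `{% endif %}`, directly above `DNS = {{ wireguard_dns_servers }}`. Separately, wg(8) and wg-quick(8) do not depend on key order inside a section, so the explanation in the commit message is unlikely to be the actual cause; diffing the file rendered before and after this change (with ipv6_support both on and off) would show what really changed for the Ubuntu client.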
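As an added example for this review (not code from the project or from the patch author), here is a pre-flight check to run on a rendered client.conf before `sudo wg-quick up wg0`: it parses the file the way wg(8) does, where key order inside a section is irrelevant, and flags a missing or malformed PrivateKey, which is exactly the defect a template edit around `{% if %}`/`{% endif %}` can introduce. The two embedded configs are constructed placeholders (all-`A`/`B` keys, documentation addresses), not real material; the required-key table assumes a single-peer full-tunnel client like the one the template produces.

```python
"""Pre-flight validation of a rendered WireGuard client config.

Added example for this review; it is not code from the project under patch.
It reads [Interface]/[Peer] blocks the way wg(8)/wg-quick(8) do, where keys
inside a section may appear in any order, and reports required keys that are
absent or malformed. Sample configs below are constructed placeholders.
"""
import base64
import ipaddress
import re
from typing import Dict, List, Optional, Tuple

# Keys wg-quick needs for a usable client tunnel (assumption: one peer, full tunnel).
REQUIRED = {
    "Interface": ("PrivateKey", "Address"),
    "Peer": ("PublicKey", "AllowedIPs", "Endpoint"),
}
KEY_FIELDS = {"PrivateKey", "PublicKey", "PresharedKey"}
ADDR_FIELDS = {"Address", "AllowedIPs"}


def parse_wg_conf(text: str) -> List[Tuple[str, Dict[str, str]]]:
    """Split INI-style text into [(section, {key: value}), ...] in file order."""
    sections: List[Tuple[str, Dict[str, str]]] = []
    current: Optional[Dict[str, str]] = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # '#' starts a comment, as in wg(8)
        if not line:
            continue
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            current = {}
            sections.append((header.group(1), current))
            continue
        if current is None or "=" not in line:
            raise ValueError(f"malformed line: {raw!r}")
        key, value = (part.strip() for part in line.split("=", 1))
        current[key] = value
    return sections


def _key_problem(field: str, value: str) -> str:
    """WireGuard keys are 32 raw bytes, base64-encoded to 44 characters."""
    try:
        raw = base64.b64decode(value, validate=True)
    except ValueError:
        return f"{field} is not valid base64"
    if len(raw) != 32:
        return f"{field} decodes to {len(raw)} bytes, expected 32"
    return ""


def check_wg_conf(text: str) -> List[str]:
    """Return a list of problems; an empty list means the config looks usable."""
    problems: List[str] = []
    sections = parse_wg_conf(text)
    names = [name for name, _ in sections]
    if names.count("Interface") != 1:
        problems.append("expected exactly one [Interface] section")
    if "Peer" not in names:
        problems.append("no [Peer] section")
    for name, keys in sections:
        for field in REQUIRED.get(name, ()):
            if field not in keys:
                problems.append(f"[{name}] missing {field}")
        for field, value in keys.items():
            if field in KEY_FIELDS:
                msg = _key_problem(field, value)
                if msg:
                    problems.append(f"[{name}] {msg}")
            elif field in ADDR_FIELDS:
                for entry in value.split(","):  # comma-separated CIDR list
                    try:
                        ipaddress.ip_interface(entry.strip())
                    except ValueError:
                        problems.append(f"[{name}] {field} has bad entry {entry!r}")
            elif field == "Endpoint" and not re.fullmatch(r".+:\d{1,5}", value):
                problems.append(f"[{name}] Endpoint {value!r} is not host:port")
    return problems


KEY_A = "A" * 43 + "="   # constructed placeholder private key, not a real one
KEY_B = "B" * 42 + "A="  # constructed placeholder peer public key

# Constructed sample: what the patched template renders with ipv6_support on.
GOOD_CONF = f"""\
[Interface]
Address = 10.19.49.2/32,fd9d:bc11:4021::2/48
PrivateKey = {KEY_A}
DNS = 172.16.0.1

[Peer]
PublicKey = {KEY_B}
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 203.0.113.10:51820
"""

# Constructed sample: the same template with ipv6_support off, where a
# PrivateKey placed inside the {% if %} block is silently dropped.
BAD_CONF = GOOD_CONF.replace(
    f"Address = 10.19.49.2/32,fd9d:bc11:4021::2/48\nPrivateKey = {KEY_A}\n",
    "Address = 10.19.49.2/32\n",
)

if __name__ == "__main__":
    for label, conf in (("good", GOOD_CONF), ("bad", BAD_CONF)):
        print(label, check_wg_conf(conf) or "ok")
```

Run it against `/etc/wireguard/wg0.conf` (read the file and pass its contents to `check_wg_conf`) before `wg-quick up`; an empty list means every required key is present and well-formed regardless of the order the template emitted them in.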
From: Moses Frost Date: Thu, 9 Aug 2018 07:18:37 -0400 Subject: [PATCH 2/2] There is an issue with Google Cloud Engine's build of Ubuntu 18.04 and the creation of a Private Key using OpenSSL Rand. The error reads that a Non-Zero return was coming back from the shell under Ansible 2.5.1. This however doesn't mean that there was an error, just that the shell returned a return code of :1 (or true). Ignoring errors seemed to be the guidance from the Ansible individuals that were asked --- playbooks/facts/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/playbooks/facts/main.yml b/playbooks/facts/main.yml index a03e7810..c2d67590 100644 --- a/playbooks/facts/main.yml +++ b/playbooks/facts/main.yml @@ -24,6 +24,7 @@ module: shell openssl rand -hex 16 become: no + ignore_errors: yes register: CA_password - name: Generate p12 export password
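Review bot: `+ ignore_errors: yes` on the `openssl rand -hex 16` task silences every failure, not just the spurious one described: if openssl genuinely fails, `CA_password` is registered with an empty stdout and the play continues and builds the CA with an empty password. Assert on the output instead, e.g. replace the added line with `failed_when: CA_password.stdout | length != 32` (32 hex characters is what `-hex 16` must produce), and add `changed_when: false` since generating a password changes nothing on the host. The task that follows, `Generate p12 export password`, presumably runs the same command and will fail the same way on that image, so whichever fix is chosen belongs there too. Also, an exit status of 1 is a failure, not true, in shell semantics, so the return code the commit message describes points at a real problem on the GCE image that deserves a root cause rather than a blanket ignore.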