vpn-btcpay-provisioner/ansible/playbooks/vpn_cleanup.yml

---
- name: Cleanup expired VPN configuration
  hosts: vpn_servers
  become: yes
  vars:
    client_dir: /etc/wireguard/clients
    test_client_dir: /etc/wireguard/test_clients
    wg_interface: wg0
    is_test: false  # Default to production mode
    
  tasks:
    - name: Debug cleanup information
      debug:
        msg: 
          - "Cleaning up subscription ID: {{ subscription_id }}"
          - "Test mode: {{ is_test }}"

    # Set working directory based on mode
    - name: Set working directory based on mode
      set_fact:
        working_client_dir: "{{ test_client_dir if is_test else client_dir }}"

    - name: Remove client configuration directory
      file:
        path: "{{ working_client_dir }}/{{ subscription_id }}"
        state: absent
        
    - name: Remove client from server config
      blockinfile:
        path: "/etc/wireguard/{{ wg_interface }}.conf"
        marker: "# {mark} ANSIBLE MANAGED BLOCK FOR {{ subscription_id }}"
        state: absent
      notify: restart wireguard

    # Remove cleanup cron job if it exists (for test configs)
    - name: Remove cleanup cronjob
      when: is_test
      cron:
        name: "cleanup_test_vpn_{{ subscription_id }}"
        state: absent
        
    - name: Log cleanup
      shell: |
        logger -t vpn-cleanup "Cleaned up VPN configuration for {{ subscription_id }} ({{ 'test' if is_test else 'production' }})"
        
  handlers:
    - name: restart wireguard
      service:
        name: "wg-quick@{{ wg_interface }}"
        state: restarted
flask update 2024-12-13 09:57:12 +00:00			`---`
			`- name: Cleanup expired VPN configuration`
			`hosts: vpn_servers`
			`become: yes`
			`vars:`
			`client_dir: /etc/wireguard/clients`
payment flow / provsion is working. need to test wireguard 2025-01-09 20:52:46 +00:00			`test_client_dir: /etc/wireguard/test_clients`
flask update 2024-12-13 09:57:12 +00:00			`wg_interface: wg0`
payment flow / provsion is working. need to test wireguard 2025-01-09 20:52:46 +00:00			`is_test: false # Default to production mode`
flask update 2024-12-13 09:57:12 +00:00
			`tasks:`
payment flow / provsion is working. need to test wireguard 2025-01-09 20:52:46 +00:00			`- name: Debug cleanup information`
flask update 2024-12-13 09:57:12 +00:00			`debug:`
payment flow / provsion is working. need to test wireguard 2025-01-09 20:52:46 +00:00			`msg:`
			`- "Cleaning up subscription ID: {{ subscription_id }}"`
			`- "Test mode: {{ is_test }}"`

			`# Set working directory based on mode`
			`- name: Set working directory based on mode`
			`set_fact:`
			`working_client_dir: "{{ test_client_dir if is_test else client_dir }}"`

flask update 2024-12-13 09:57:12 +00:00			`- name: Remove client configuration directory`
			`file:`
payment flow / provsion is working. need to test wireguard 2025-01-09 20:52:46 +00:00			`path: "{{ working_client_dir }}/{{ subscription_id }}"`
flask update 2024-12-13 09:57:12 +00:00			`state: absent`

			`- name: Remove client from server config`
			`blockinfile:`
			`path: "/etc/wireguard/{{ wg_interface }}.conf"`
			`marker: "# {mark} ANSIBLE MANAGED BLOCK FOR {{ subscription_id }}"`
			`state: absent`
			`notify: restart wireguard`
payment flow / provsion is working. need to test wireguard 2025-01-09 20:52:46 +00:00
			`# Remove cleanup cron job if it exists (for test configs)`
			`- name: Remove cleanup cronjob`
			`when: is_test`
			`cron:`
			`name: "cleanup_test_vpn_{{ subscription_id }}"`
			`state: absent`

			`- name: Log cleanup`
			`shell: \|`
			`logger -t vpn-cleanup "Cleaned up VPN configuration for {{ subscription_id }} ({{ 'test' if is_test else 'production' }})"`
flask update 2024-12-13 09:57:12 +00:00
			`handlers:`
			`- name: restart wireguard`
			`service:`
			`name: "wg-quick@{{ wg_interface }}"`
			`state: restarted`