cache wireguard keys in directory

roles/backbone-babel/tasks/wg-keys.yml

 ---
+- name: Check if publickey is available
+  block:
   - name: Install wireguard tools
     ansible.builtin.apt:
       name: wireguard-tools
@@ -28,18 +30,20 @@
       mode: 0640
       owner: root
       group: systemd-network
+  when: "(role_path + '/files/wg-pubkeys/' + peer) is not exists"
 
 - name: Get public key
-  ansible.builtin.slurp:
+  ansible.builtin.fetch:
+    dest: "{{ role_path }}/files/wg-pubkeys/{{ peer }}"
     src: "{{ bb_babel_wg_public_key_path }}"
-  register: pubkey
+    flat: yes
 
 # BEWARE: update_fact/set_facts always applies to the current host and ignores delegate
 - name: Append the public key
   ansible.utils.update_fact:
     updates:
       - path: "bb_babel_wg_public_keys[{{ peer }}]"
-        value: "{{ pubkey.content|b64decode }}"
+        value: "{{ lookup('ansible.builtin.file', role_path + '/files/wg-pubkeys/' + peer) }}"
   register: updates
 
 # above just merges keys, this actually updates the variable