As an operator, I can continually bootsrap VPN users at a regular cadence #16
Description
Workflow add-vpn-user is functional, but requires manual runtime input, a record identifyier of which record to write wireguard VPN config to into the password manager (in this case, Psono- but could be any password manager (a keepassxc store, pass, bitwarden, legacy Lastpass etc)
Given the record identifier isn't PII*, consider placing these record identifiers in a pipeline so that VPN credentials may automatically be refreshed at a regular cadnce. *They may be encrypted anyway, such as using ansible vault/amber/pass etc.
Related #14