document interface delete and enable keys

pillar.example

@@ -1,5 +1,9 @@
 wireguard:
   wg0:
+    # default False
+    delete: False
+    # default True
+    enable: True
     config: |
         [Interface]
         Address = fe80::1/64

wireguard/init.sls

@@ -1,23 +1,43 @@
 {%- for interface in salt['pillar.get']('wireguard', {}).keys() %}
 
-{% if salt['pillar.get']('wireguard:' ~ interface ~ ':enable', True) %}
-wireguard_interface_{{interface}}:
+{% if salt['pillar.get']('wireguard:' ~ interface ~ ':delete', False) %}
+stop and disable wg-quick@{{interface}}:
+  service.dead:
+    - name: wg-quick@{{interface}}
+    - enable: False
+remove wireguard_interface_{{interface}}:
+  file.absent:
+    - name: /etc/wireguard/{{interface}}.conf
+{% elif not salt['pillar.get']('wireguard:' ~ interface ~ ':enable', True) %}
+stop and disable wg-quick@{{interface}}:
+  service.dead:
+    - name: wg-quick@{{interface}}
+    - enable: False
+{% else %}
+
+{% if salt['pillar.get']('wireguard:' ~ interface ~ ':config') %}
+wireguard_interface_{{interface}}_config:
   file.managed:
     - name: /etc/wireguard/{{interface}}.conf
     - contents_pillar: wireguard:{{interface}}:config
-    - mode: 640
+    - mode: 600
+{% else %}
+wireguard_interface_{{interface}}_config:
+  file.managed:
+    - name: /etc/wireguard/{{interface}}.conf
+    - source: salt://wireguard/files/wg.conf
+    - template: jinja2
+    - context:
+      interface: {{interface}}
+    - mode: 600
+{% endif %}
 
 restart wg-quick@{{interface}}:
   service.running:
     - name: wg-quick@{{interface}}
     - enable: True
     - watch:
-      - file: wireguard_interface_{{interface}}
-{% else %}
-stop and disable wg-quick@{{interface}}:
-  service.dead:
-    - name: wg-quick@{{interface}}
-    - enable: False
+      - file: wireguard_interface_{{interface}}_config
 {% endif %}
 
 {%- endfor %}