diff --git a/deployments/serverBuild/vpnBuild.yml b/deployments/serverBuild/vpnBuild.yml
index bdfb128..0baabb1 100644
--- a/deployments/serverBuild/vpnBuild.yml
+++ b/deployments/serverBuild/vpnBuild.yml
@@ -4,45 +4,52 @@ remote_user: josiah gather_facts: false become: yes - vars: - vpn_packages: [ 'strongswan','strongswan-pki','ufw' ] - remote_host: 165.22.156.25 - local_host: 0.0.0.0 tasks: - - name: Install required system packages - apt: name={{ vpn_packages }} state=latest - - - name: set kernel params + - name: add unstable to repos shell: | echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable - - name: Update apt + - name: Update aptitude apt: update_cache=yes - name: install wireguard - apt: install wireguard - + apt: name=wireguard state=latest + + - name: install linux headers (necessary on older cloud kernels (fuck u digitalocean)) + # the kernel version is hard coded because this is what DO currently uses + # and that's what i use + apt: name=linux-headers-4.19.0-6-cloud-amd64 + - name: install misc other things the internet says i need + apt: name=build-essential + - name: install misc other things the internet says i need + apt: name=dkms + + # install wg, generate keys, files on local machine + - name: + - name: Generate keys, register public key to be used later shell: | - printf "[Interface]\nPrivateKey = " > wg0.conf - wg genkey | tee -a wg0.conf | wg pubkey > publickey + printf "[Interface]\nPrivateKey = " > /etc/wireguard/wg0.conf + wg genkey | tee -a /etc/wireguard/wg0.conf | wg pubkey > /etc/wireguard/publickey register: server_publickey vars: - chdir: /etc/wireguard/ umask: "077" - name: fill out the rest of the wg0.conf file - shell: | - ListenPort = 51820 - Address = 10.200.219.1/24 (this will be the IP given to the wg0 interface) - [Peer] - PublicKey = (leave this blank for now; you'll paste in your local public key here soon) - AllowedIPs = 10.200.219.0/24 (this is the range of Wireguard IP addresses that this Peer's key can be used from) + blockinfile: + path: /etc/wireguard/wg0.conf + block: 
| + ListenPort = 51820 + Address = 10.200.219.1/24 + [Peer] + PublicKey = + AllowedIPs = 10.200.219.0/24 - name: bring wg up shell: wg-quick up wg0 - name: test if it worked - ping -c1 10.200.219.1 + shell: ping -c1 10.200.219.1 + register: test_result
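Review bot: The `vars: umask: "077"` kept on the Generate keys task is only a playbook variable — nothing in the shell module reads it — so the private key written into `/etc/wireguard/wg0.conf` is created under the remote shell's default umask (usually 022, i.e. a world-readable key file); put it in the command instead, `umask 077` as the first line of the `shell: |` block, or follow with a `file` task that sets `mode: "0600"` on wg0.conf and publickey. The same task redirects `wg pubkey` into a file, so `register: server_publickey` captures an empty stdout rather than the public key the task name promises, and `tee -a` appends a further PrivateKey line on every re-run — `args: creates: /etc/wireguard/publickey` would make it run once. The bare `- name:` entry just above it carries no action, which Ansible rejects when it parses the play, and the two "install misc other things" tasks share one name; folding them into a single `apt` call with a `name:` list reads better. The unstable suite added by the first task remains enabled on the host after the play, so any later `apt` run can pull from it; if it exists only to obtain wireguard, say so in a comment on that task or remove the source once the package is installed.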