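---
# Play 1: the control node needs wg(8) because the later plays run
# `wg pubkey` on localhost (delegate_to / hosts: localhost).
- name: Ensure wg-tools installed locally
  hosts: localhost
  become: true
  tasks:
    - name: install wireguard-tools
      apt:
        name: wireguard-tools
        state: present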
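# Play 2: install WireGuard on the server, render its config and turn the
# tunnel on.
- name: Setup Wireguard server
  hosts: wg_server
  become: true
  tasks:
    - name: Install wireguard
      apt:
        name:
          - wireguard
          - wireguard-tools
        state: present
      when: ansible_facts['os_family'] == "Debian"

    # Derive every client's public key from its private key (wg_key in
    # inventory). The key is handed to `wg pubkey` on stdin rather than
    # echoed on a shell command line, so it neither appears in process
    # listings nor gets interpolated into a shell string; no_log keeps it
    # out of Ansible's own output and callback logs. The result is still
    # registered (pubkeys.results[*].stdout) for the server template.
    - name: generate public keys
      command: wg pubkey
      args:
        stdin: "{{ hostvars[item].wg_key }}"
      register: pubkeys
      delegate_to: localhost
      changed_when: false
      no_log: true
      loop: "{{ groups['wg_clients'] | list }}"

    # The rendered config holds the interface's private key: restrict it to
    # root, otherwise the module leaves it at the umask default.
    - name: Generate Server wg-config
      template:
        src: wg_server.j2
        dest: "/etc/wireguard/{{ wg_interface }}.conf"
        owner: root
        group: root
        mode: "0600"
      notify: read wg config

    # - name: Generate debian-specific interface-config
    #   template:
    #     src: debian_interface.j2
    #     dest: "/etc/network/interfaces.d/{{ wg_interface }}"
    #   when: ansible_facts['os_family'] == "Debian"
    #   notify: reload interface

    - name: Start and enable wg-quick service
      service:
        name: "wg-quick@{{ wg_interface }}"
        state: started
        enabled: true

    # Anchor the regexp: an unanchored "net.ipv4.ip_forward" also matches
    # longer keys such as net.ipv4.ip_forward_use_pmtu and would overwrite
    # that line instead. The optional leading "#" still lets a commented-out
    # default be replaced in place.
    - name: enable IP forwarding
      lineinfile:
        path: /etc/sysctl.conf
        regexp: '^#?\s*{{ item | regex_escape }}\s*='
        line: "{{ item }}=1"
      loop:
        - net.ipv4.ip_forward
        - net.ipv6.conf.all.forwarding
      notify: reload sysconfig

  handlers:
    # Restarting wg-quick tears the tunnel down and up; the commented
    # alternatives below would apply the new config without a restart.
    - name: read wg config
      service:
        name: "wg-quick@{{ wg_interface }}"
        state: restarted
      # shell: "wg syncconf {{ wg_interface }} <(wg-quick strip {{ wg_interface }})"
      # command: "wg setconf {{ wg_interface }} /etc/wireguard/{{ wg_interface }}.conf"
    # - name: reload interface
    #   shell: "ifdown {{ wg_interface }}; ifup {{ wg_interface }}"
    - name: reload sysconfig
      command: sysctl -p /etc/sysctl.conf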
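# Play 3: render one config file per client on the control node.
- name: Generate client configs
  hosts: localhost
  tasks:
    # The directory collects per-client configs (private material), so keep
    # it readable by the invoking user only.
    - name: Ensure client conf directory exists
      file:
        path: wg_clients
        state: directory
        mode: "0700"

    # Same stdin/no_log handling as the client keys: the server's private key
    # must not appear on a command line or in the task output.
    - name: generate server pubkey
      command: wg pubkey
      args:
        stdin: "{{ hostvars[groups['wg_server'][0]].wg_key }}"
      register: server_pubkey
      changed_when: false
      no_log: true

    # wg_client.j2 is not shown here; it presumably embeds the client's
    # wg_key, so the rendered file is restricted to the owner.
    - name: generate client config
      template:
        src: wg_client.j2
        dest: "wg_clients/wg_{{ item }}.conf"
        mode: "0600"
      loop: "{{ groups['wg_clients'] | list }}"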