Added role wireguard/application
parent
93f1207bf9
commit
96ae42477f
@ -0,0 +1,5 @@
|
||||
---
|
||||
|
||||
wireguard_key_directory: "/root/wireguard"
|
||||
wireguard_private_key: "{{ wireguard_key_directory }}/wg-private.key"
|
||||
wireguard_public_key: "{{ wireguard_key_directory }}/wg-public.key"
|
@ -0,0 +1,3 @@
|
||||
---
|
||||
|
||||
allow_duplicates: no
|
@ -0,0 +1,53 @@
|
||||
---
|
||||
|
||||
# TODO Exclude to own role
|
||||
- name: Register debian unstable for apt
|
||||
copy:
|
||||
dest: "/etc/apt/sources.list.d/unstable.list"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "u=rw,g=r,o=r"
|
||||
content: "deb http://deb.debian.org/debian/ unstable main"
|
||||
|
||||
- name: Restrict unstable for apt
|
||||
copy:
|
||||
dest: "/etc/apt/preferences.d/unstable"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "u=rw,g=r,o=r"
|
||||
content: |
|
||||
Package: *
|
||||
Pin: release a=unstable
|
||||
Pin-Priority: 90
|
||||
|
||||
- name: Install wireguard using apt
|
||||
apt:
|
||||
name:
|
||||
- wireguard
|
||||
state: present
|
||||
update_cache: yes
|
||||
|
||||
- name: Create wireguard key directory
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ wireguard_key_directory }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "u=rwx,g=,o="
|
||||
|
||||
- name: Generate key pair
|
||||
command: >-
|
||||
/bin/sh -c "wg genkey
|
||||
| tee {{ wireguard_private_key | quote }}
|
||||
| wg pubkey > {{ wireguard_public_key | quote }}"
|
||||
args:
|
||||
chdir: "{{ wireguard_key_directory }}"
|
||||
creates: "{{ wireguard_public_key }}"
|
||||
|
||||
- name: Download wireguard public key
|
||||
fetch:
|
||||
src: "{{ wireguard_public_key }}"
|
||||
dest: "{{ global_wireguard_public_directory }}/{{ ansible_fqdn }}"
|
||||
fail_on_missing: yes
|
||||
flat: yes
|
||||
validate_checksum: yes
|
Loading…
Reference in New Issue