You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
54 lines
1.2 KiB
YAML
54 lines
1.2 KiB
YAML
---
|
|
|
|
# TODO Exclude to own role
|
|
- name: Register debian unstable for apt
|
|
copy:
|
|
dest: "/etc/apt/sources.list.d/unstable.list"
|
|
owner: root
|
|
group: root
|
|
mode: "u=rw,g=r,o=r"
|
|
content: "deb http://deb.debian.org/debian/ unstable main"
|
|
|
|
- name: Restrict unstable for apt
|
|
copy:
|
|
dest: "/etc/apt/preferences.d/unstable"
|
|
owner: root
|
|
group: root
|
|
mode: "u=rw,g=r,o=r"
|
|
content: |
|
|
Package: *
|
|
Pin: release a=unstable
|
|
Pin-Priority: 90
|
|
|
|
- name: Install wireguard using apt
|
|
apt:
|
|
name:
|
|
- wireguard
|
|
state: present
|
|
update_cache: yes
|
|
|
|
- name: Create wireguard key directory
|
|
file:
|
|
state: directory
|
|
path: "{{ wireguard_key_directory }}"
|
|
owner: root
|
|
group: root
|
|
mode: "u=rwx,g=,o="
|
|
|
|
- name: Generate key pair
|
|
command: >-
|
|
/bin/sh -c "wg genkey
|
|
| tee {{ wireguard_private_key | quote }}
|
|
| wg pubkey > {{ wireguard_public_key | quote }}"
|
|
args:
|
|
chdir: "{{ wireguard_key_directory }}"
|
|
creates: "{{ wireguard_public_key }}"
|
|
|
|
- name: Download wireguard public key
|
|
fetch:
|
|
src: "{{ wireguard_public_key }}"
|
|
dest: "{{ global_wireguard_public_directory }}/{{ ansible_fqdn }}"
|
|
fail_on_missing: yes
|
|
flat: yes
|
|
validate_checksum: yes
|