xoxys.wireguard/tasks/main.yml


---
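- name: Ensure dependencies are installed
  # `name` accepts a list, so a single package transaction replaces the
  # one-item loop with "{{ item }}".
  ansible.builtin.package:
    name:
      - wireguard-tools
    state: present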
# Whether an interface config already exists decides, in the tasks that
# follow, if a private key is generated or read back from disk.
- name: Stat WireGuard config file
  ansible.builtin.stat:
    path: "/etc/wireguard/{{ wireguard_interface }}.conf"
  register: __wireguard_config_file
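# No config on disk and no key supplied by the caller: generate one.
- when:
    - not __wireguard_config_file.stat.exists
    - wireguard_private_key is not defined
  block:
    - name: Generate WireGuard private key
      ansible.builtin.command: "wg genkey"
      register: __wireguard_private_key_gen
      changed_when: false
      # `wg genkey` only writes to stdout and does not touch the host, so it
      # may run in check mode; otherwise the set_fact below has no stdout.
      check_mode: false
      # The registered stdout is the private key itself; keep it out of
      # verbose output and log files.
      no_log: true
    - name: Set generated private key
      ansible.builtin.set_fact:
        wireguard_private_key: "{{ __wireguard_private_key_gen.stdout }}"
      # set_fact echoes the new fact in its result at higher verbosity.
      no_log: true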
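# Config already on disk and no key supplied by the caller: reuse the key
# that is already there instead of generating a new one.
- when:
    - __wireguard_config_file.stat.exists
    - wireguard_private_key is not defined
  block:
    - name: Read WireGuard config file
      ansible.builtin.slurp:
        src: "/etc/wireguard/{{ wireguard_interface }}.conf"
      register: __wireguard_config
      # The slurped content includes the PrivateKey line; keep it out of
      # verbose output and log files.
      no_log: true
    - name: Set existing private key
      ansible.builtin.set_fact:
        # `first` fails the task if no "PrivateKey = " line matches rather than
        # silently setting an empty key; `trim` strips a stray CR or trailing
        # whitespace captured by `(.*)`.
        wireguard_private_key: "{{ __wireguard_config['content'] | b64decode | regex_findall('PrivateKey = (.*)') | first | trim }}"
      no_log: true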
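- name: Derive WireGuard public key
  ansible.builtin.command: "wg pubkey"
  args:
    stdin: "{{ wireguard_private_key }}"
  register: __wireguard_public_key_gen
  changed_when: false
  # Pure derivation with no effect on the host; run it in check mode too so
  # the public key fact and the template below are still produced.
  check_mode: false
  # The private key is passed on stdin and can show up in the task's
  # module_args at high verbosity; suppress the result.
  no_log: true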
# Expose the derived public key as a fact for later tasks and templates.
- name: Set public key fact
  ansible.builtin.set_fact:
    __wireguard_public_key: "{{ __wireguard_public_key_gen.stdout }}"
# Render the interface config; it embeds the private key, hence root-only
# 0600 and a restart notification on change.
- name: Generate WireGuard configuration file
  ansible.builtin.template:
    src: etc/wireguard/wg.conf.j2
    dest: "/etc/wireguard/{{ wireguard_interface }}.conf"
    owner: root
    group: root
    # Quoted so the octal mode is not parsed as a decimal integer.
    mode: "0600"
  notify: __wireguard_restart
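- name: Ensure legacy reload-module-on-update is absent
  ansible.builtin.file:
    # `path` is the documented parameter name; `dest` is only an alias.
    path: "/etc/wireguard/.reload-module-on-update"
    state: absent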
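- name: Ensure WireGuard service is up and running
  # wg-quick@ is a systemd template unit and daemon_reload is a systemd-only
  # option, so address the systemd module directly rather than relying on the
  # generic service module forwarding the argument.
  ansible.builtin.systemd:
    name: "wg-quick@{{ wireguard_interface }}"
    daemon_reload: true
    enabled: true
    state: started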