ansible/roles/vpn/tasks/main.yml

---
- name: Add backports to buster
  apt_repository:
    repo: deb http://deb.debian.org/debian buster-backports main
    state: present
  when: ansible_facts["lsb"]["codename"] == "buster"

- name: Install wireguard dependencies for proxmox
  apt:
    name:
      - pve-headers
      - wireguard-dkms # May need a `dkms autoinstall` and reboot ?
    state: latest
    update_cache: true
  when: ('proxmox' in group_names)

- name: Install wireguard
  apt:
    name:
      - wireguard
    state: latest
    update_cache: true

- name: Create wireguard config files
  ansible.builtin.template:
    src: "wiregard.conf.j2"
    dest: "/etc/wireguard/{{ item.key }}.conf"
    owner: root
    group: root
    mode: '600'
  notify: Restart wireguard for interface
  loop: "{{ vpn_interfaces | dict2items }}"
  no_log: "{{ enable_no_log | default('true') }}"

- name: Enable interface
  systemd:
    name: "wg-quick@{{ item.key }}"
    state: started
    enabled: yes
  loop: "{{ vpn_interfaces | dict2items }}"
  no_log: "{{ disable_no_log | not | default('true') }}"
create vpn books 2021-04-22 20:31:33 +02:00			`---`
			`- name: Add backports to buster`
			`apt_repository:`
			`repo: deb http://deb.debian.org/debian buster-backports main`
			`state: present`
remade base playbook and roles 2022-07-21 15:19:24 +02:00			`when: ansible_facts["lsb"]["codename"] == "buster"`
install wireguard 2021-04-22 20:49:28 +02:00
pseudo fix for proxmox 2021-04-22 23:33:09 +02:00			`- name: Install wireguard dependencies for proxmox`
			`apt:`
			`name:`
			`- pve-headers`
			- wireguard-dkms # May need a `dkms autoinstall` and reboot ?
			`state: latest`
			`update_cache: true`
remade base playbook and roles 2022-07-21 15:19:24 +02:00			`when: ('proxmox' in group_names)`
pseudo fix for proxmox 2021-04-22 23:33:09 +02:00
install wireguard 2021-04-22 20:49:28 +02:00			`- name: Install wireguard`
			`apt:`
			`name:`
			`- wireguard`
			`state: latest`
			`update_cache: true`
write vpn config 2021-04-22 22:51:33 +02:00
working role (I hope) using debian network/interface config instead of wg-quick 2021-07-05 02:32:59 +02:00			`- name: Create wireguard config files`
add comment 2021-04-23 00:40:31 +02:00			`ansible.builtin.template:`
working role (I hope) using debian network/interface config instead of wg-quick 2021-07-05 02:32:59 +02:00			`src: "wiregard.conf.j2"`
write vpn config 2021-04-22 22:51:33 +02:00			`dest: "/etc/wireguard/{{ item.key }}.conf"`
			`owner: root`
			`group: root`
			`mode: '600'`
fallback to wg-quick because of the clusterfuck of configuration types between the OSs 2021-07-08 00:33:13 +02:00			`notify: Restart wireguard for interface`
remade base playbook and roles 2022-07-21 15:19:24 +02:00			`loop: "{{ vpn_interfaces \| dict2items }}"`
			`no_log: "{{ enable_no_log \| default('true') }}"`
fallback to wg-quick because of the clusterfuck of configuration types between the OSs 2021-07-08 00:33:13 +02:00
			`- name: Enable interface`
			`systemd:`
			`name: "wg-quick@{{ item.key }}"`
			`state: started`
			`enabled: yes`
remade base playbook and roles 2022-07-21 15:19:24 +02:00			`loop: "{{ vpn_interfaces \| dict2items }}"`
			`no_log: "{{ disable_no_log \| not \| default('true') }}"`