ansible/roles/vpn/tasks/main.yml

50 lines
1.2 KiB
YAML

---
- name: Add backports to buster
apt_repository:
repo: deb http://deb.debian.org/debian buster-backports main
state: present
when: ('debian_buster' in group_names) or ('proxmox_buster' in group_names)
- name: Install wireguard dependencies for proxmox
apt:
name:
- pve-headers
- wireguard-dkms # May need a `dkms autoinstall` and reboot ?
state: latest
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
when: ('proxmox_buster' in group_names)
- name: Install wireguard
apt:
name:
- wireguard
- ifupdown2
state: latest
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Create wireguard config files
ansible.builtin.template:
src: "wiregard.conf.j2"
dest: "/etc/wireguard/{{ item.key }}.conf"
owner: root
group: root
mode: '600'
notify: Restart wireguard for interface
loop:
- "{{ lookup('dict', vpn_interfaces) }}"
no_log: true
- name: Enable interface
systemd:
name: "wg-quick@{{ item.key }}"
state: started
enabled: yes
loop:
- "{{ lookup('dict', vpn_interfaces) }}"
no_log: true