Reload sysctl (wireguard_endpoint)

roles/wireguard_endpoint/handlers/main.yml

@@ -1,8 +1,14 @@
 ---
 - name: Reload network interfaces
-  command: ifreload -a
+  become: true
+  command: /sbin/ifreload -a
+
+- name: Reload sysctl
+  become: true
+  command: /sbin/sysctl --system
 
 - name: Reload nftables
+  become: true
   systemd:
     name: nftables.service
     state: reloaded

roles/wireguard_endpoint/tasks/main.yml

@@ -1,5 +1,6 @@
 ---
 - name: Install required packages
+  become: true
   apt:
     pkg:
       - ifupdown2
@@ -8,14 +9,18 @@
     update_cache: yes
 
 - name: Tweak sysctl to enable IP forwarding
+  become: true
   template:
     src: sysctl.conf.j2
     dest: /etc/sysctl.d/forwarding.conf
     owner: root
     group: root
     mode: u=rw,g=r,o=
+  notify:
+    - Reload sysctl
 
 - name: Create tunnels configurations
+  become: true
   template:
     src: wireguard.conf.j2
     dest: "/etc/wireguard/{{ item.name }}.conf"
@@ -30,6 +35,7 @@
     - Reload network interfaces
 
 - name: Create network interfaces
+  become: true
   template:
     src: interface.j2
     dest: "/etc/network/interfaces.d/{{ item.name }}"