71 lines
1.7 KiB
YAML
71 lines
1.7 KiB
YAML
---
|
|
- name: Ensure that interfaces names don't overlap
|
|
assert:
|
|
that: "not (ifupdown2__interfaces.keys()
|
|
| intersect(ifupdown2__wireguard.keys()))"
|
|
msg: "Static and wireguard interfaces names must not overlap"
|
|
|
|
- name: Install wireguard
|
|
apt:
|
|
name: wireguard
|
|
when: ifupdown2__wireguard
|
|
|
|
- name: Configure wireguard
|
|
template:
|
|
src: wireguard.conf.j2
|
|
dest: "/etc/wireguard/{{ item.key }}.conf"
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=r,o=
|
|
#no_log: true
|
|
loop: "{{ ifupdown2__wireguard | dict2items }}"
|
|
register: results_wireguard
|
|
|
|
- name: Synchronise wireguard config if necessary
|
|
command: "wg syncconf {{ item.0.key }} /etc/wireguard/{{ item.0.key }}.conf"
|
|
when: "item.0.key in ansible_interfaces and item.1.changed"
|
|
loop: "{{ ifupdown2__wireguard
|
|
| dict2items
|
|
| zip(results_wireguard.results) }}"
|
|
|
|
- name: Gather package facts
|
|
package_facts:
|
|
manager: apt
|
|
|
|
- name: Check if ifupdown2 is installed
|
|
set_fact:
|
|
must_mask: "{{ 'ifupdown2' not in ansible_facts.packages }}"
|
|
|
|
- name: Mask networking before installing ifupdown2
|
|
systemd:
|
|
name: networking.service
|
|
masked: true
|
|
when: must_mask
|
|
|
|
- name: Install ifupdown2
|
|
apt:
|
|
name: ifupdown2
|
|
|
|
- name: Unmask networking now that ifupdown2 is installed
|
|
systemd:
|
|
name: networking.service
|
|
masked: false
|
|
when: must_mask
|
|
|
|
- name: Configure ifupdown2
|
|
template:
|
|
src: interfaces.j2
|
|
dest: /etc/network/interfaces
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=r,o=
|
|
notify:
|
|
- Restart networking
|
|
- Bring all interfaces up
|
|
|
|
- name: Enable and start networking
|
|
systemd:
|
|
name: networking.service
|
|
state: started
|
|
enabled: true
|
|
...
|