| author | binary <me@rgoncalves.se> | 2020-11-15 17:26:32 +0100 | 
|---|---|---|
| committer | binary <me@rgoncalves.se> | 2020-11-15 17:26:32 +0100 | 
| commit | aea6b114e050545ccc8b953c579d53c9158e238b (patch) | |
| tree | 7cbeb2ad790638e433c21f1452dded1588949d2e /roles/wireguard/tasks | |
| parent | 5bcecbf08db7013ba4de12e492961e2cba6e6b8a (diff) | |
| download | infrastructure-aea6b114e050545ccc8b953c579d53c9158e238b.tar.gz | |
I'm so lazy so ignore this comment this time pls
Diffstat (limited to 'roles/wireguard/tasks')
| -rw-r--r-- | roles/wireguard/tasks/generate.yml | 5 | ||||
| -rw-r--r-- | roles/wireguard/tasks/main.yml | 52 | 
2 files changed, 52 insertions, 5 deletions
| diff --git a/roles/wireguard/tasks/generate.yml b/roles/wireguard/tasks/generate.yml index e3264ef..6e60a92 100644 --- a/roles/wireguard/tasks/generate.yml +++ b/roles/wireguard/tasks/generate.yml @@ -34,7 +34,6 @@      - { name: "{{ ansible_host }}", path: /etc/wireguard/dcontroller.conf }      - { name: localhost, path: "{{ wg_dir }}/{{ ansible_host}}.conf" }    ignore_unreachable: true -  failed_when: 1 == 2  - name: Generate server configuration    template: @@ -49,7 +48,7 @@  - name: Generate server interface    template: -    src: templates/hostname.tun0.j2 +    src: templates/hostname.j2      dest: /etc/hostname.tun0    when: ansible_host == _i.dcontroller -   + diff --git a/roles/wireguard/tasks/main.yml b/roles/wireguard/tasks/main.yml index be9e57c..9e23fa7 100644 --- a/roles/wireguard/tasks/main.yml +++ b/roles/wireguard/tasks/main.yml 
@@ -1,9 +1,57 @@ -  # wireguard ~~ tasks/main.yml  ---  - include: set_facts.yml -- include: generate.yml +- stat: +    path: "{{ wg_host_keys }}" +  register: stat_host_keys +  delegate_to: localhost + +- name: Generate domain keys +  shell: | +    umask 077 +    wg genkey | tee "{{ wg_host_keys }}" | wg pubkey >> "{{ wg_host_keys }}" +  args: +    chdir: "{{ wg_dir }}" +  when: not stat_host_keys.stat.exists or force is defined and force +  delegate_to: localhost + +- name: Create wireguard dir on remote host +  file: +    path: /etc/wireguard +    owner: root +    state: directory +    mode: "0700" +  ignore_unreachable: true + +- name: Generate client configuration +  template: +    src: templates/host.conf.j2 +    dest: "{{ item.path }}" +    mode: "0600" +  when: ansible_host != _i.dcontroller +  delegate_to: "{{ item.name }}" +  loop: +    - { name: "{{ ansible_host }}", path: /etc/wireguard/dcontroller.conf } +    - { name: localhost, path: "{{ wg_dir }}/{{ ansible_host}}.conf" } +  ignore_unreachable: true + +- name: Generate server configuration +  template: +    src: templates/dcontroller.conf.j2 +    dest: "{{ item.path }}" +    mode: "0600" +  when: ansible_host == _i.dcontroller +  delegate_to: "{{ item.name }}" +  loop: +    - { name: "{{ ansible_host }}", path: /etc/wireguard/dcontroller.conf } +    - { name: localhost, path: "{{ wg_dir }}/{{ ansible_host}}.conf" } + +- name: Generate server interface +  template: +    src: templates/hostname.j2 +    dest: /etc/hostname.tun0 +  when: ansible_host == _i.dcontroller |
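Review bot: The `Generate domain keys` task relies on `umask 077` alone to protect the private key, but a umask only applies when a file is created: on a forced run `tee` truncates an existing `{{ wg_host_keys }}` and keeps whatever mode it already had. Follow the shell task with a `file` task delegated to localhost that sets `mode: "0600"` on that path, as the two config template tasks already do for their destinations. The `force` test is also truthy for any non-empty string, so `-e force=false` would still overwrite the existing key; `when: not stat_host_keys.stat.exists or (force | default(false) | bool)` avoids that. The rendered configs presumably contain the private key (the templates are not visible here, so confirm), in which case `no_log: true` or `diff: false` on the two template tasks would keep it out of `--diff` output and logs.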