From aea6b114e050545ccc8b953c579d53c9158e238b Mon Sep 17 00:00:00 2001
From: binary
Date: Sun, 15 Nov 2020 17:26:32 +0100
Subject: I'm so lazy so ignore this cimment this time pls
---
roles/wireguard/tasks/generate.yml | 5 ++-
roles/wireguard/tasks/main.yml | 52 +++++++++++++++++++++++++--
roles/wireguard/templates/dcontroller.conf.j2 | 2 +-
roles/wireguard/templates/host.conf.j2 | 2 +-
roles/wireguard/templates/hostname.j2 | 9 +++++
roles/wireguard/templates/hostname.tun0.j2 | 9 -----
6 files changed, 63 insertions(+), 16 deletions(-)
create mode 100644 roles/wireguard/templates/hostname.j2
delete mode 100644 roles/wireguard/templates/hostname.tun0.j2
(limited to 'roles/wireguard')
diff --git a/roles/wireguard/tasks/generate.yml b/roles/wireguard/tasks/generate.yml
index e3264ef..6e60a92 100644
--- a/roles/wireguard/tasks/generate.yml
+++ b/roles/wireguard/tasks/generate.yml
@@ -34,7 +34,6 @@
- { name: "{{ ansible_host }}", path: /etc/wireguard/dcontroller.conf }
- { name: localhost, path: "{{ wg_dir }}/{{ ansible_host}}.conf" }
ignore_unreachable: true
- failed_when: 1 == 2
- name: Generate server configuration
template:
@@ -49,7 +48,7 @@
- name: Generate server interface
template:
- src: templates/hostname.tun0.j2
+ src: templates/hostname.j2
dest: /etc/hostname.tun0
when: ansible_host == _i.dcontroller
-
+
diff --git a/roles/wireguard/tasks/main.yml b/roles/wireguard/tasks/main.yml
index be9e57c..9e23fa7 100644
--- a/roles/wireguard/tasks/main.yml
+++ b/roles/wireguard/tasks/main.yml
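Review bot: Nothing appears to include generate.yml once this commit lands — the main.yml hunk drops `- include: generate.yml` and re-declares the same client-configuration, server-configuration and server-interface tasks inline — yet this hunk and the one below it still edit generate.yml, leaving two copies of the task list that will drift apart. Unless another playbook includes roles/wireguard/tasks/generate.yml directly, either delete it in the same commit or keep the include and drop the duplicated tasks from main.yml. Both hunks of this file sit inside task definitions whose remaining lines are outside the hunk.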
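Review bot: The interface script rendered here (`templates/hostname.j2` → `/etc/hostname.tun0`) brings tun0 up with `wg setconf tun0 /etc/wireguard/{{ _i.dcontroller }}.conf`, but the server-configuration task on the same host writes its file to `/etc/wireguard/dcontroller.conf`; unless `_i.dcontroller` resolves to the literal string `dcontroller`, the setconf line points at a file that does not exist on the box and tun0 comes up with no peers. Pick one name — for example change the template line to `!/usr/local/bin/wg setconf tun0 /etc/wireguard/dcontroller.conf` — or template the server config to `/etc/wireguard/{{ _i.dcontroller }}.conf`. It would also be consistent with the sibling template tasks to set an explicit `mode: "0600"` here rather than inheriting the remote umask. The task's remaining lines are outside the hunk.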
@@ -1,9 +1,57 @@
- # wireguard ~~ tasks/main.yml
---
- include: set_facts.yml
-- include: generate.yml
+- stat:
+ path: "{{ wg_host_keys }}"
+ register: stat_host_keys
+ delegate_to: localhost
+
+- name: Generate domain keys
+ shell: |
+ umask 077
+ wg genkey | tee "{{ wg_host_keys }}" | wg pubkey >> "{{ wg_host_keys }}"
+ args:
+ chdir: "{{ wg_dir }}"
+ when: not stat_host_keys.stat.exists or force is defined and force
+ delegate_to: localhost
+
+- name: Create wireguard dir on remote host
+ file:
+ path: /etc/wireguard
+ owner: root
+ state: directory
+ mode: "0700"
+ ignore_unreachable: true
+
+- name: Generate client configuration
+ template:
+ src: templates/host.conf.j2
+ dest: "{{ item.path }}"
+ mode: "0600"
+ when: ansible_host != _i.dcontroller
+ delegate_to: "{{ item.name }}"
+ loop:
+ - { name: "{{ ansible_host }}", path: /etc/wireguard/dcontroller.conf }
+ - { name: localhost, path: "{{ wg_dir }}/{{ ansible_host}}.conf" }
+ ignore_unreachable: true
+
+- name: Generate server configuration
+ template:
+ src: templates/dcontroller.conf.j2
+ dest: "{{ item.path }}"
+ mode: "0600"
+ when: ansible_host == _i.dcontroller
+ delegate_to: "{{ item.name }}"
+ loop:
+ - { name: "{{ ansible_host }}", path: /etc/wireguard/dcontroller.conf }
+ - { name: localhost, path: "{{ wg_dir }}/{{ ansible_host}}.conf" }
+
+- name: Generate server interface
+ template:
+ src: templates/hostname.j2
+ dest: /etc/hostname.tun0
+ when: ansible_host == _i.dcontroller
diff --git a/roles/wireguard/templates/dcontroller.conf.j2 b/roles/wireguard/templates/dcontroller.conf.j2
index c1fd887..5771ef6 100644
--- a/roles/wireguard/templates/dcontroller.conf.j2
+++ b/roles/wireguard/templates/dcontroller.conf.j2
@@ -1,5 +1,5 @@
-# wireguard client configuration ~~ /etc/wireguard/*.conf
+# wireguard dcontroller configuration ~~ /etc/wireguard/*.conf
# managed by Ansible
{% set dcontroller_keys = lookup("file", wg_dcontroller_keys).splitlines() %}
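Review bot: The guard on `Generate domain keys`, `when: not stat_host_keys.stat.exists or force is defined and force`, treats any non-empty `force` as true, so a run with `-e force=false` (key=value extra vars arrive as strings) would silently regenerate the domain key and invalidate every peer config that embeds its public key; `when: not stat_host_keys.stat.exists or (force | default(false) | bool)` closes that hole. The shell line is also not atomic: `tee` truncates the key file before `wg pubkey` has produced anything, so a failure midway leaves a one-line file that the `stat` guard then treats as complete on every later run — writing to a temporary name and renaming only on success, `wg genkey | tee "{{ wg_host_keys }}.tmp" | wg pubkey >> "{{ wg_host_keys }}.tmp" && mv "{{ wg_host_keys }}.tmp" "{{ wg_host_keys }}"`, keeps the file either absent or complete. The unnamed `- stat:` task at the top of the hunk should also get a `name:` like its siblings.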
diff --git a/roles/wireguard/templates/host.conf.j2 b/roles/wireguard/templates/host.conf.j2
index c25d937..2a5acc5 100644
--- a/roles/wireguard/templates/host.conf.j2
+++ b/roles/wireguard/templates/host.conf.j2
@@ -5,7 +5,7 @@
{% set dcontroller_keys = lookup("file", wg_dcontroller_keys).splitlines() %}
[Interface]
-Address = {{ ip.in }}
+Address = {{ ip.in }}, fd00:10:10::{{ ip.in.split(".")[3] }}
PrivateKey = {{ host_keys[0] }}
[Peer]
diff --git a/roles/wireguard/templates/hostname.j2 b/roles/wireguard/templates/hostname.j2
new file mode 100644
index 0000000..3903ccb
--- /dev/null
+++ b/roles/wireguard/templates/hostname.j2
@@ -0,0 +1,9 @@
+inet 10.10.0.1 255.255.255.0
+inet6 fd00:10:10::1
+!/usr/local/bin/wireguard-go -f tun0 &
+!/bin/sleep 2
+!/usr/local/bin/wg setconf tun0 /etc/wireguard/{{ _i.dcontroller }}.conf
+!/bin/sleep 2
+!/sbin/route add -inet 10.10.0.0/24 10.10.0.1
+!/bin/sleep 2
+!/sbin/route add -inet6 fd00:10:10::/64 fd00:10:10::1
diff --git a/roles/wireguard/templates/hostname.tun0.j2 b/roles/wireguard/templates/hostname.tun0.j2
deleted file mode 100644
index 3903ccb..0000000
--- a/roles/wireguard/templates/hostname.tun0.j2
+++ /dev/null
@@ -1,9 +0,0 @@
-inet 10.10.0.1 255.255.255.0
-inet6 fd00:10:10::1
-!/usr/local/bin/wireguard-go -f tun0 &
-!/bin/sleep 2
-!/usr/local/bin/wg setconf tun0 /etc/wireguard/{{ _i.dcontroller }}.conf
-!/bin/sleep 2
-!/sbin/route add -inet 10.10.0.0/24 10.10.0.1
-!/bin/sleep 2
-!/sbin/route add -inet6 fd00:10:10::/64 fd00:10:10::1
--
cgit v1.2.3
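Review bot: `fd00:10:10::{{ ip.in.split(".")[3] }}` assumes `ip.in` is a bare dotted-quad; if it ever carries a prefix length (`10.10.0.5/24`) the fourth element becomes `5/24` and the rendered `Address` line is invalid, and the decimal last octet is reused verbatim as a hex group, which only stays collision-free because octets are below 256. A short comment above the line, e.g. `{# v6 host part = last v4 octet; ip.in must be a plain a.b.c.d address with no prefix length #}`, would make both assumptions explicit to the next editor. The `fd00:10:10::` prefix is also hard-coded here and again in templates/hostname.j2 (`inet6 fd00:10:10::1`, `route add -inet6 fd00:10:10::/64`), so moving it into a role variable would keep the client and dcontroller sides from drifting. The surrounding template continues outside the hunk.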