roles: Generate + deploy wireguard configurations

author: Romain Gonçalves <me@rgoncalves.se> 2021-12-10 18:30:32 +0000
committer: Romain Gonçalves <me@rgoncalves.se> 2021-12-10 21:52:55 +0000
commit: c1c300aa21b407351e6045c7b40480d4120db8a7 (patch)
tree: 48ac6715e649326d02dad7011b31c091db29b7b3 /roles/wireguard/tasks/keys.yml
parent: 2fe1965dbb4cc650fda2b00e69219ac7ae403674 (diff)
download: rules-c1c300aa21b407351e6045c7b40480d4120db8a7.tar.gz
1 files changed, 17 insertions, 0 deletions
diff --git a/roles/wireguard/tasks/keys.yml b/roles/wireguard/tasks/keys.yml
new file mode 100644
index 0000000..7a89010
--- /dev/null
+++ b/roles/wireguard/tasks/keys.yml
@@ -0,0 +1,17 @@
+- name: generate hosts keys
+  shell: |
+    set -o pipefail
+    ls "{{ wireguard_local_dir }}/{{ item }}.keys" && exit 0
+    umask 077
+    wg genkey | \
+    tee "{{ item }}.keys" | \
+    wg pubkey >> "{{ item }}.keys"
+    exit 2
+  args:
+    chdir: "{{ wireguard_local_dir }}"
+  loop: "{{ groups.all }}"
+  run_once: true
+  delegate_to: localhost
+  register: result
+  changed_when: result.rc == 2
+  failed_when: result.rc not in [0, 2]
author	Romain Gonçalves <me@rgoncalves.se>	2021-12-10 18:30:32 +0000
committer	Romain Gonçalves <me@rgoncalves.se>	2021-12-10 21:52:55 +0000
commit	c1c300aa21b407351e6045c7b40480d4120db8a7 (patch)
tree	48ac6715e649326d02dad7011b31c091db29b7b3 /roles/wireguard/tasks/keys.yml
parent	2fe1965dbb4cc650fda2b00e69219ac7ae403674 (diff)
download	rules-c1c300aa21b407351e6045c7b40480d4120db8a7.tar.gz