aboutsummaryrefslogtreecommitdiffstats
path: root/roles/wireguard/tasks
diff options
context:
space:
mode:
Diffstat (limited to 'roles/wireguard/tasks')
-rw-r--r--roles/wireguard/tasks/cron.yml5
-rw-r--r--roles/wireguard/tasks/main.yml11
-rw-r--r--roles/wireguard/tasks/service.yml16
3 files changed, 22 insertions, 10 deletions
diff --git a/roles/wireguard/tasks/cron.yml b/roles/wireguard/tasks/cron.yml
new file mode 100644
index 0000000..482b34f
--- /dev/null
+++ b/roles/wireguard/tasks/cron.yml
@@ -0,0 +1,5 @@
+- name: add cronjob for keepalive
+ ansible.builtin.cron:
+ name: keepalive network traffic to domain controller
+ user: nobody
+ job: ping -c 1 {{ hostvars[wireguard_domain_controller].__ip.external }}
diff --git a/roles/wireguard/tasks/main.yml b/roles/wireguard/tasks/main.yml
index 9f1d01d..d1ff496 100644
--- a/roles/wireguard/tasks/main.yml
+++ b/roles/wireguard/tasks/main.yml
@@ -25,10 +25,15 @@
name: wireguard-tools
state: present
-- name: include service configuration for server
+- name: include service configuration for hosts
include_tasks: service.yml
when: inventory_hostname == wireguard_domain_controller
-- name: include service configuration for hosts
- include_tasks: service.yml
+- name: include service configuration for server
+ include_tasks: "{{ task }}"
when: inventory_hostname != wireguard_domain_controller
+ loop_control:
+ loop_var: task
+ loop:
+ - service.yml
+ - cron.yml
diff --git a/roles/wireguard/tasks/service.yml b/roles/wireguard/tasks/service.yml
index d1a1007..37f3cec 100644
--- a/roles/wireguard/tasks/service.yml
+++ b/roles/wireguard/tasks/service.yml
@@ -10,11 +10,13 @@
when: ansible_distribution == "OpenBSD"
- name: restart wireguard interface
- command: wg-quick "{{ item }}" "{{ wireguard_domain_controller }}"
- ignore_errors: true
- loop:
- - down
- - up
- loop_control:
- pause: 5
+ raw: |
+ wg-quick down {{ wireguard_domain_controller }}
+ sleep {{ 10 | random(start=1) }}
+ wg-quick up {{ wireguard_domain_controller }}
when: ansible_distribution == "OpenBSD"
+ register: result
+
+- name: show wireguard output
+ debug:
+ var: result
remember that computers suck.