---
# Configuration directory for WireGuard. Mode 0700 with uid/gid 0 means only
# root can list or read anything stored below it.
- name: create wireguard directory
  ansible.builtin.file:
    state: directory
    path: "{{ wireguard__dir }}"
    mode: "0700"
    owner: 0
    group: 0
# Pulls in local.yml with run_once, so the include is not repeated for every
# host. `apply` attaches delegate_to to each task inside the included file,
# which makes those tasks execute on the control node (localhost).
# NOTE(review): local.yml is not visible here; presumably it prepares the
# files under wireguard__local_dir that the copy task reads - confirm.
- name: include local tasks
  run_once: true
  ansible.builtin.include_tasks:
    file: local.yml
    apply:
      delegate_to: localhost
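# Installs the locally prepared wg-quick configuration as a root-only file
# (uid/gid 0, mode 0600) named after the interface.
# NOTE(review): a wg-quick configuration normally embeds the interface
# private key - confirm for this file. `diff: false` keeps the file contents
# out of `--diff` output and of any log that captures it.
- name: copy wireguard configuration
  ansible.builtin.copy:
    src: "{{ wireguard__local_dir }}/{{ wireguard__local_configuration }}"
    dest: "{{ wireguard__dir }}/{{ wireguard__interface_name }}.conf"
    owner: 0
    group: 0
    mode: "0600"
  diff: false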
# Installs the wireguard-tools package through the platform's package
# manager. `state: present` only ensures it is installed; it does not upgrade
# an already installed version.
# NOTE(review): the later tasks call /usr/local/bin/wg-quick, which is
# expected to come from this package - confirm the install path on the target.
- name: install wireguard
  ansible.builtin.package:
    state: present
    name: wireguard-tools
# Keeps exactly one "wg-quick up <interface>" line in /etc/rc.local. regexp
# and line describe the same text, so repeated runs do not append duplicates.
# The file is created when missing, owned by uid 0 with mode 0644, so only
# root can modify it; the group is left unmanaged, unlike the other tasks.
# The interface name is written into a script, so it should only ever come
# from trusted inventory.
- name: enable wireguard interface
  ansible.builtin.lineinfile:
    path: /etc/rc.local
    line: "/usr/local/bin/wg-quick up {{ wireguard__interface_name }}"
    regexp: "^/usr/local/bin/wg-quick up {{ wireguard__interface_name }}$"
    create: true
    owner: 0
    mode: "0644"
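# Bounces the tunnel so the copied configuration takes effect; the output is
# registered in wireguard__result_status.
# The commands are separated by newlines rather than chained with &&, so "up"
# is still attempted when "down" fails (for example, the interface was not up).
# The sleep length is a random value chosen when the task is templated.
# wg-quick is called by absolute path, matching the rc.local and cron
# entries, so the command does not depend on the remote shell's PATH.
# NOTE(review): this task runs on every play, not only when the copy task
# changed the file; a handler would limit restarts to real changes.
- name: restart wireguard interface
  ansible.builtin.raw: |
    /usr/local/bin/wg-quick down {{ wireguard__interface_name }}
    sleep {{ 10 | random(start=1) }}
    /usr/local/bin/wg-quick up {{ wireguard__interface_name }}
  register: wireguard__result_status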
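# Watchdog: when a single ping to the domain controller's internal address
# fails, the tunnel is taken down and brought back up.
# No schedule fields are set, so the cron module's defaults apply (every
# minute), and no user is set, so the entry goes into the crontab of the
# account the task runs as.
# "down" and "up" are grouped with ";" instead of "&&": if the interface is
# already down, "down" fails, and with "&&" the "up" would never run, leaving
# the tunnel down until someone intervenes.
- name: add cronjob for keepalive
  ansible.builtin.cron:
    name: keepalive network traffic to domain controller
    job: >-
      ! ping -c 1 -w 1 {{ hostvars[wireguard__domain_controller].__ip.internal }}
      && { /usr/local/bin/wg-quick down {{ wireguard__interface_name }};
      /usr/local/bin/wg-quick up {{ wireguard__interface_name }}; }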
# Prints the stdout captured from the restart task. Only stdout is shown, so
# anything the commands wrote to stderr does not appear here.
- name: show wireguard output
  ansible.builtin.debug:
    var: wireguard__result_status.stdout