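---
# Installs WireGuard, renders one wg-quick configuration per entry of `peers`
# whose type is "wg", enables the matching wg-quick@<name> unit, and schedules
# a cron job that re-applies the endpoint of peers that define `wg.peer.dyn`.

- name: Install dependencies
  become: true
  apt:
    pkg:
      - wireguard
      - wireguard-tools

# Modes are quoted so the value reaches the module as a string and is never
# re-interpreted as a number by the YAML parser.
- name: Ensure permission on wireguard directory
  become: true
  file:
    path: /etc/wireguard
    state: directory
    mode: "0700"

# NOTE(review): templates/config.j2 is not visible here; a wg-quick config
# normally carries the interface PrivateKey, so the rendered file is written
# owner-only ("0600") rather than world-readable ("0644").
- name: Install wireguard configuration
  become: true
  template:
    src: templates/config.j2
    dest: "/etc/wireguard/{{ item.name }}.conf"
    mode: "0600"
  when: item.type == "wg"
  loop: "{{ peers | flatten(levels=1) }}"

# NOTE(review): `state: restarted` restarts every matching interface on each
# run of this task, not only when its configuration changed.
- name: Enable wireguard interfaces for autostart
  become: true
  systemd:
    name: "wg-quick@{{ item.name }}"
    masked: false
    enabled: true
    state: restarted
  when: item.type == "wg"
  loop: "{{ peers | flatten(levels=1) }}"

# The job is executed by a shell from the crontab of the become user, so each
# templated value goes through the `quote` filter instead of hand-written
# double quotes; a value containing shell metacharacters then stays a single
# argument to `wg`.
- name: Setup cronjob for dynamic peers
  become: true
  cron:
    name: "Reload endpoint for wireguard peer {{ item.name }}"
    minute: "*/30"
    job: >-
      wg set {{ item.name | quote }}
      peer {{ item.wg.peer.pubkey | quote }}
      endpoint {{ item.wg.peer.endpoint | quote }}
  when: item.type == "wg" and item.wg.peer.dyn is defined
  loop: "{{ peers | flatten(levels=1) }}"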