# Install the WireGuard package named by `wireguard_package` through the
# generic package module.
# NOTE(review): `state: latest` upgrades the package on every run; use
# `present` or a pinned version if upgrades on VPN hosts must be deliberate.
- name: server | utilities | wireguard install
  package:
    state: latest
    name: "{{ wireguard_package }}"
# Generate a key pair on the host when neither key is supplied as a variable.
# `umask 077` makes both files owner-only at creation time, and `creates`
# turns the task into a no-op once /etc/wireguard/publickey exists.
# NOTE(review): the pipeline runs without pipefail and the redirect creates
# publickey before `wg pubkey` succeeds, so a failed first run can leave an
# empty file that satisfies `creates` afterwards; check both files are
# non-empty after provisioning.
- name: server | utilities | wireguard generate private key
  when:
    - wg_privkey is not defined
    - wg_pubkey is not defined
  shell:
    chdir: /etc/wireguard
    creates: /etc/wireguard/publickey
    cmd: umask 077 && wg genkey | tee privatekey | wg pubkey > publickey
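# Write operator-supplied keys to /etc/wireguard when both `wg_pubkey` and
# `wg_privkey` are defined (otherwise the generate task above is responsible).
#
# Fixes over the previous version:
#   * the loop items carry variable *names*, so `item.key` used to render the
#     literal text "wg_pubkey"/"wg_privkey" into the files; the value is now
#     resolved with the `vars` lookup, which is only evaluated after `when`
#     has passed for the item;
#   * the files had no explicit owner/mode, leaving the private key at the
#     mercy of the default umask; both are now root-owned and 0600;
#   * `no_log` keeps the key material out of task output and callback logs.
- name: server | utilities | wireguard copy keys
  copy:
    content: "{{ lookup('vars', item.key) }}"
    dest: "{{ item.keyfile }}"
    owner: root
    group: root
    mode: '0600'
  loop:
    - key: wg_pubkey
      keyfile: /etc/wireguard/publickey
    - key: wg_privkey
      keyfile: /etc/wireguard/privatekey
  no_log: true
  when:
    - wg_pubkey is defined
    - wg_privkey is defined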
# Render the interface configuration from the role's Jinja2 template.
# The result is root-owned with mode 0600, so only root can read it.
# NOTE(review): presumably the template embeds the private key; if so,
# consider `no_log: true` here so diff output does not expose it. Confirm
# against client_VPN.conf.j2.
- name: server | utilities | wireguard generate config
  template:
    src: client_VPN.conf.j2
    dest: /etc/wireguard/VPN.conf
    owner: root
    group: root
    mode: "0600"
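# Probe for active WireGuard interfaces; the registered `wireguard.stdout`
# is consumed by the start/enable block that follows.
# `wg show` only reads state, so the task is marked as never changing.
# Without this the play reports a change on every run, which hides real
# drift in change reports.
- name: server | utilities | wireguard check if already running
  command: wg show
  register: wireguard
  changed_when: false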
# Bring the tunnel up and enable its unit at boot, but only when the earlier
# `wg show` probe printed nothing (no WireGuard interface reported).
# NOTE(review): because the guard covers the whole block, a host where any
# WireGuard interface is already up also skips enabling wg-quick@VPN;
# confirm that this is intended.
- when: wireguard.stdout == ""
  block:
    - name: server | utilities | wireguard start vpn
      command: wg-quick up VPN

    - name: server | utilities | wireguard enable service
      service:
        enabled: true
        name: wg-quick@VPN