home-stack-ansible/roles/wireguard/tasks/main.yml


# Install the WireGuard packages; the later tasks in this file call `wg`.
- name: Install wireguard
  apt:
    # `present` is the apt module's default state, spelled out for clarity.
    state: present
    name: [wireguard, wireguard-tools]
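# Create /etc/wireguard, which holds the private key and the interface
# configuration, so that only root can enter or list it.
- name: Create wireguard configuration directory
  file:
    path: /etc/wireguard
    state: directory
    # Pin ownership explicitly: mode 0700 only protects the key material
    # if the directory is owned by root, including when it already exists.
    owner: root
    group: root
    mode: '0700'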
# Record whether a public key file is already present; the result gates
# the "Generate public key" task further down.
- name: Check if public key exists
  register: public_key_stats
  stat:
    path: /etc/wireguard/public.key
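# Generate the WireGuard private key once; `creates` skips the task when
# the key file already exists, so an existing key is never overwritten.
- name: Generate private key
  # The redirect creates the file with the shell's umask. Without a
  # restrictive umask the key is typically created world-readable and is
  # protected only by the parent directory's mode, so set umask 077 first.
  # NOTE(review): a key file created by an earlier run keeps its old mode;
  # check /etc/wireguard/private.key on hosts that are already deployed.
  shell: umask 077 && wg genkey >/etc/wireguard/private.key
  args:
    creates: /etc/wireguard/private.key
  register: private_key_gen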
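# Read the private key into the `private_key` variable.
# NOTE(review): presumably consumed by the wg0.conf template — confirm.
- name: Fetch private key
  command: cat /etc/wireguard/private.key
  register: private_key
  # The task result carries the key in stdout; keep it out of verbose
  # output, callback plugins and log files.
  no_log: true
  # Reading a file changes nothing on the host.
  changed_when: false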
# Derive the public key from the private key. Runs when no public key file
# was found by the earlier stat, or when the private key was just generated
# (so the stored public key would no longer match it).
- name: Generate public key
  when: private_key_gen.changed or not public_key_stats.stat.exists
  shell:
    cmd: cat /etc/wireguard/private.key | wg pubkey >/etc/wireguard/public.key
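# Read the public key into the `public_key` variable for the debug task
# that follows. The public key is not secret, so no `no_log` is needed.
- name: Fetch public key
  command: cat /etc/wireguard/public.key
  register: public_key
  # Reading a file changes nothing on the host; without this the task
  # reports "changed" on every run.
  changed_when: false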
# Show the host's public key in the play output so it can be copied into
# the peers' configuration.
- name: Print public key
  debug:
    msg: "{{public_key.stdout}}"
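# Render the wg0 interface configuration and restart the interface when
# the rendered file changes.
- name: Install wireguard configuration
  template:
    src: wg0.conf
    dest: /etc/wireguard/wg0.conf
    # NOTE(review): wg0.conf presumably embeds the private key — confirm.
    # Without an explicit mode the file is created with the default umask,
    # so restrict it to root instead of relying on the directory mode alone.
    # If the key is embedded, running the play with --diff would also print
    # the rendered content.
    owner: root
    group: root
    mode: '0600'
  # Handler is expected to be defined in the role's handlers (not shown here).
  notify: Restart wg0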
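# Persist net.ipv4.ip_forward=1 in /etc/sysctl.conf. Only the file is
# edited here; the setting is left to take effect via the notified handler.
# NOTE(review): with forwarding enabled the host routes packets between its
# interfaces; confirm the firewall's forward policy limits that to the
# tunnel traffic that is intended.
- name: Enable ipv4 packet forwarding
  lineinfile:
    path: /etc/sysctl.conf
    # Escape the dots and tolerate optional whitespace around the key and
    # `=`, so an existing "net.ipv4.ip_forward = 0" line (commented or not)
    # is replaced instead of a second, conflicting line being appended.
    regexp: '^#?\s*net\.ipv4\.ip_forward\s*='
    line: net.ipv4.ip_forward=1
  # Handler is expected to be defined in the role's handlers (not shown here).
  notify: Reboot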