-rw-r--r--ansible/group_vars/all/wireguard_wg0.yml3
-rw-r--r--ansible/inventory5
-rw-r--r--ansible/plays/files/akili/etc/wireguard/public-wg-net1.key (renamed from ansible/files/akili/etc/wireguard/public-wg-net1.key)0
-rw-r--r--ansible/plays/files/akili/etc/wireguard/public-wg0.key1
-rw-r--r--ansible/plays/files/android-trygvis/etc/wireguard/public-wg1.key (renamed from ansible/files/android-trygvis/etc/wireguard/public-wg1.key)0
-rw-r--r--ansible/plays/files/arius/etc/borg/id_ed25519.pub (renamed from ansible/files/arius/etc/borg/id_ed25519.pub)0
-rw-r--r--ansible/plays/files/arius/etc/wireguard/public-wg-hesland.key (renamed from ansible/files/arius/etc/wireguard/public-wg-hesland.key)0
-rw-r--r--ansible/plays/files/arius/etc/wireguard/public-wg-net1.key (renamed from ansible/files/arius/etc/wireguard/public-wg-net1.key)0
-rw-r--r--ansible/plays/files/arius/etc/wireguard/public-wg0.key (renamed from ansible/files/arius/etc/wireguard/public-wg0.key)0
-rw-r--r--ansible/plays/files/birgitte/etc/borg/id_ed25519.pub (renamed from ansible/files/birgitte/etc/borg/id_ed25519.pub)0
-rw-r--r--ansible/plays/files/birgitte/etc/systemd/network/51-eth0.network (renamed from ansible/files/birgitte/etc/systemd/network/51-eth0.network)0
-rw-r--r--ansible/plays/files/birgitte/etc/wireguard/public-wg-net1.key (renamed from ansible/files/birgitte/etc/wireguard/public-wg-net1.key)0
-rw-r--r--ansible/plays/files/birgitte/etc/wireguard/public-wg0.key (renamed from ansible/files/birgitte/etc/wireguard/public-wg0.key)0
-rw-r--r--ansible/plays/files/conflatorio/etc/borg/id_ed25519.pub (renamed from ansible/files/conflatorio/etc/borg/id_ed25519.pub)0
-rw-r--r--ansible/plays/files/conflatorio/etc/wireguard/public-wg-edipost.key (renamed from ansible/files/conflatorio/etc/wireguard/public-wg-edipost.key)0
-rw-r--r--ansible/plays/files/conflatorio/etc/wireguard/public-wg0.key (renamed from ansible/files/conflatorio/etc/wireguard/public-wg0.key)0
-rw-r--r--ansible/plays/files/knot/etc/wireguard/public-wg0.key (renamed from ansible/files/knot/etc/wireguard/public-wg0.key)0
-rw-r--r--ansible/plays/files/knot/etc/wireguard/public-wg1.key (renamed from ansible/files/knot/etc/wireguard/public-wg1.key)0
-rw-r--r--ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key1
-rw-r--r--ansible/plays/files/webgateway/etc/wireguard/public-wg-hesland.key (renamed from ansible/files/webgateway/etc/wireguard/public-wg-hesland.key)0
-rw-r--r--ansible/plays/wireguard.yml (renamed from ansible/wireguard.yml)0
-rw-r--r--ansible/roles/wireguard/tasks/main.yml43
22 files changed, 24 insertions, 29 deletions
diff --git a/ansible/group_vars/all/wireguard_wg0.yml b/ansible/group_vars/all/wireguard_wg0.yml
index 42b149b..872c432 100644
--- a/ansible/group_vars/all/wireguard_wg0.yml
+++ b/ansible/group_vars/all/wireguard_wg0.yml
@@ -22,3 +22,6 @@ wireguard-wg0:
akili:
state: present
ipv6: fdf3:aad9:a885:0b3a::7
+ malabaricus:
+ state: present
+ ipv6: fdf3:aad9:a885:0b3a::8
diff --git a/ansible/inventory b/ansible/inventory
index 638ee5b..5ae2af7 100644
--- a/ansible/inventory
+++ b/ansible/inventory
@@ -13,7 +13,7 @@ all:
homepi:
ansible_host: homepi.local
malabaricus:
- ansible_host: malabaricus.trygvis.io
+ ansible_host: 10.13.37.187 # malabaricus.trygvis.io
conflatorio:
ansible_host: conflatorio.trygvis.io
akili:
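Review bot: The new `ansible_host: 10.13.37.187` pins malabaricus to a private address, with the DNS name kept only as a trailing comment, and nothing here says why or for how long. From then on the SSH connection and its known_hosts entry follow whichever machine holds that address. If the address is handed out dynamically or later reused (not visible here), host key checking is the only thing stopping the play from pushing WireGuard configuration to the wrong machine. I would put the reason above the entry, for example `# static LAN address; DNS name not resolvable from the control host`, adjusted to the real cause, and confirm that host key checking is not disabled for this inventory.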
@@ -144,10 +144,11 @@ all:
hosts:
akili:
arius:
+ astyanax:
birgitte:
conflatorio:
knot:
- astyanax:
+ malabaricus:
wireguard_wg1:
hosts:
diff --git a/ansible/files/akili/etc/wireguard/public-wg-net1.key b/ansible/plays/files/akili/etc/wireguard/public-wg-net1.key
index 31725d2..31725d2 100644
--- a/ansible/files/akili/etc/wireguard/public-wg-net1.key
+++ b/ansible/plays/files/akili/etc/wireguard/public-wg-net1.key
diff --git a/ansible/plays/files/akili/etc/wireguard/public-wg0.key b/ansible/plays/files/akili/etc/wireguard/public-wg0.key
new file mode 100644
index 0000000..f94a7b2
--- /dev/null
+++ b/ansible/plays/files/akili/etc/wireguard/public-wg0.key
@@ -0,0 +1 @@
+pFbHqAJuQPR+JwHDT6YT9pIpGPfDdhM1WU6RXfrZjCQ=
diff --git a/ansible/files/android-trygvis/etc/wireguard/public-wg1.key b/ansible/plays/files/android-trygvis/etc/wireguard/public-wg1.key
index 4ab6833..4ab6833 100644
--- a/ansible/files/android-trygvis/etc/wireguard/public-wg1.key
+++ b/ansible/plays/files/android-trygvis/etc/wireguard/public-wg1.key
diff --git a/ansible/files/arius/etc/borg/id_ed25519.pub b/ansible/plays/files/arius/etc/borg/id_ed25519.pub
index b4e14aa..b4e14aa 100644
--- a/ansible/files/arius/etc/borg/id_ed25519.pub
+++ b/ansible/plays/files/arius/etc/borg/id_ed25519.pub
diff --git a/ansible/files/arius/etc/wireguard/public-wg-hesland.key b/ansible/plays/files/arius/etc/wireguard/public-wg-hesland.key
index 3102f19..3102f19 100644
--- a/ansible/files/arius/etc/wireguard/public-wg-hesland.key
+++ b/ansible/plays/files/arius/etc/wireguard/public-wg-hesland.key
diff --git a/ansible/files/arius/etc/wireguard/public-wg-net1.key b/ansible/plays/files/arius/etc/wireguard/public-wg-net1.key
index 879fa3c..879fa3c 100644
--- a/ansible/files/arius/etc/wireguard/public-wg-net1.key
+++ b/ansible/plays/files/arius/etc/wireguard/public-wg-net1.key
diff --git a/ansible/files/arius/etc/wireguard/public-wg0.key b/ansible/plays/files/arius/etc/wireguard/public-wg0.key
index a722138..a722138 100644
--- a/ansible/files/arius/etc/wireguard/public-wg0.key
+++ b/ansible/plays/files/arius/etc/wireguard/public-wg0.key
diff --git a/ansible/files/birgitte/etc/borg/id_ed25519.pub b/ansible/plays/files/birgitte/etc/borg/id_ed25519.pub
index f4b79b5..f4b79b5 100644
--- a/ansible/files/birgitte/etc/borg/id_ed25519.pub
+++ b/ansible/plays/files/birgitte/etc/borg/id_ed25519.pub
diff --git a/ansible/files/birgitte/etc/systemd/network/51-eth0.network b/ansible/plays/files/birgitte/etc/systemd/network/51-eth0.network
index 82831c5..82831c5 100644
--- a/ansible/files/birgitte/etc/systemd/network/51-eth0.network
+++ b/ansible/plays/files/birgitte/etc/systemd/network/51-eth0.network
diff --git a/ansible/files/birgitte/etc/wireguard/public-wg-net1.key b/ansible/plays/files/birgitte/etc/wireguard/public-wg-net1.key
index 22e2fe3..22e2fe3 100644
--- a/ansible/files/birgitte/etc/wireguard/public-wg-net1.key
+++ b/ansible/plays/files/birgitte/etc/wireguard/public-wg-net1.key
diff --git a/ansible/files/birgitte/etc/wireguard/public-wg0.key b/ansible/plays/files/birgitte/etc/wireguard/public-wg0.key
index d595dff..d595dff 100644
--- a/ansible/files/birgitte/etc/wireguard/public-wg0.key
+++ b/ansible/plays/files/birgitte/etc/wireguard/public-wg0.key
diff --git a/ansible/files/conflatorio/etc/borg/id_ed25519.pub b/ansible/plays/files/conflatorio/etc/borg/id_ed25519.pub
index 7bdbe0c..7bdbe0c 100644
--- a/ansible/files/conflatorio/etc/borg/id_ed25519.pub
+++ b/ansible/plays/files/conflatorio/etc/borg/id_ed25519.pub
diff --git a/ansible/files/conflatorio/etc/wireguard/public-wg-edipost.key b/ansible/plays/files/conflatorio/etc/wireguard/public-wg-edipost.key
index dd3609c..dd3609c 100644
--- a/ansible/files/conflatorio/etc/wireguard/public-wg-edipost.key
+++ b/ansible/plays/files/conflatorio/etc/wireguard/public-wg-edipost.key
diff --git a/ansible/files/conflatorio/etc/wireguard/public-wg0.key b/ansible/plays/files/conflatorio/etc/wireguard/public-wg0.key
index f4cc915..f4cc915 100644
--- a/ansible/files/conflatorio/etc/wireguard/public-wg0.key
+++ b/ansible/plays/files/conflatorio/etc/wireguard/public-wg0.key
diff --git a/ansible/files/knot/etc/wireguard/public-wg0.key b/ansible/plays/files/knot/etc/wireguard/public-wg0.key
index 8caf3db..8caf3db 100644
--- a/ansible/files/knot/etc/wireguard/public-wg0.key
+++ b/ansible/plays/files/knot/etc/wireguard/public-wg0.key
diff --git a/ansible/files/knot/etc/wireguard/public-wg1.key b/ansible/plays/files/knot/etc/wireguard/public-wg1.key
index 0b891d1..0b891d1 100644
--- a/ansible/files/knot/etc/wireguard/public-wg1.key
+++ b/ansible/plays/files/knot/etc/wireguard/public-wg1.key
diff --git a/ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key b/ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key
new file mode 100644
index 0000000..6fe02dc
--- /dev/null
+++ b/ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key
@@ -0,0 +1 @@
+spjhTSR22/RyPy7D2AnMLLzzHuasXD6W4J5Xwuo+UTQ=
diff --git a/ansible/files/webgateway/etc/wireguard/public-wg-hesland.key b/ansible/plays/files/webgateway/etc/wireguard/public-wg-hesland.key
index e9aa962..e9aa962 100644
--- a/ansible/files/webgateway/etc/wireguard/public-wg-hesland.key
+++ b/ansible/plays/files/webgateway/etc/wireguard/public-wg-hesland.key
diff --git a/ansible/wireguard.yml b/ansible/plays/wireguard.yml
index 26ee9ff..26ee9ff 100644
--- a/ansible/wireguard.yml
+++ b/ansible/plays/wireguard.yml
diff --git a/ansible/roles/wireguard/tasks/main.yml b/ansible/roles/wireguard/tasks/main.yml
index 787c67c..62d64ce 100644
--- a/ansible/roles/wireguard/tasks/main.yml
+++ b/ansible/roles/wireguard/tasks/main.yml
@@ -12,12 +12,23 @@
- name: Install packages
tags: packages
apt:
- name: "{{ items }}"
- install_recommends: no
- vars:
- items:
+ name:
- wireguard
- - "{{ 'linux-headers-amd64' if ansible_architecture == 'x86_64' else 'linux-headers-686-pae' }}"
+ install_recommends: no
+ - name: Install packages (amd64)
+ tags: packages
+ apt:
+ name:
+ - linux-headers-amd64
+ install_recommends: no
+ when: ansible_architecture == 'x86_64'
+ - name: Install packages (i686)
+ tags: packages
+ apt:
+ name:
+ - linux-headers-i686-pae
+ install_recommends: no
+ when: ansible_architecture == 'i686'
- name: systemctl enable systemd-networkd
systemd:
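Review bot: The i686 task asks for `linux-headers-i686-pae`, while the expression this hunk removes used `linux-headers-686-pae`. As far as I know the Debian metapackage has no `i` in its name, so apt would fail on a 32-bit host; the list entry should read `- linux-headers-686-pae`. The two `when:` conditions also mean that any architecture other than `x86_64` and `i686` now gets no headers package at all, where the old expression fell through to the 686 one. If WireGuard is built through DKMS on such a host, the module would silently not build, so an explicit failure for unsupported `ansible_architecture` values would be safer than skipping. As a style point, `install_recommends: no` is better written `install_recommends: false`. The hunk ends inside the following systemd task, which continues outside the visible lines.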
@@ -153,25 +164,3 @@
when: links[wg_net.if] is defined
vars:
links: "{{ ip_link.stdout | from_json | items2dict(key_name='ifname', value_name='ifname') }}"
-
-- name: generate dns records
- tags:
-# - wireguard
-# - wireguard-dns-records
- - never
- local_action:
- module: copy
- content: |
- wireguard_dns_records_{{ wg_net.if }}:
- {% for c in wireguard__clients|sort %}
- {% set client = wireguard__clients[c] %}
- - type: A
- name: {{ c }}
- value: {{ client.ipv4 }}
- state: {{ client.state }}
- - type: AAAA
- name: {{ c }}
- value: {{ client.ipv6 }}
- state: {{ client.state }}
- {% endfor %}
- dest: "files/wireguard-dns-records-{{ wg_net.if }}.yml"