diff options
-rw-r--r-- | ansible/group_vars/all/wireguard_wg0.yml | 3 | ||||
-rw-r--r-- | ansible/inventory | 5 | ||||
-rw-r--r-- | ansible/plays/files/akili/etc/wireguard/public-wg-net1.key (renamed from ansible/files/akili/etc/wireguard/public-wg-net1.key) | 0 | ||||
-rw-r--r-- | ansible/plays/files/akili/etc/wireguard/public-wg0.key | 1 | ||||
-rw-r--r-- | ansible/plays/files/android-trygvis/etc/wireguard/public-wg1.key (renamed from ansible/files/android-trygvis/etc/wireguard/public-wg1.key) | 0 | ||||
-rw-r--r-- | ansible/plays/files/arius/etc/borg/id_ed25519.pub (renamed from ansible/files/arius/etc/borg/id_ed25519.pub) | 0 | ||||
-rw-r--r-- | ansible/plays/files/arius/etc/wireguard/public-wg-hesland.key (renamed from ansible/files/arius/etc/wireguard/public-wg-hesland.key) | 0 | ||||
-rw-r--r-- | ansible/plays/files/arius/etc/wireguard/public-wg-net1.key (renamed from ansible/files/arius/etc/wireguard/public-wg-net1.key) | 0 | ||||
-rw-r--r-- | ansible/plays/files/arius/etc/wireguard/public-wg0.key (renamed from ansible/files/arius/etc/wireguard/public-wg0.key) | 0 | ||||
-rw-r--r-- | ansible/plays/files/birgitte/etc/borg/id_ed25519.pub (renamed from ansible/files/birgitte/etc/borg/id_ed25519.pub) | 0 | ||||
-rw-r--r-- | ansible/plays/files/birgitte/etc/systemd/network/51-eth0.network (renamed from ansible/files/birgitte/etc/systemd/network/51-eth0.network) | 0 | ||||
-rw-r--r-- | ansible/plays/files/birgitte/etc/wireguard/public-wg-net1.key (renamed from ansible/files/birgitte/etc/wireguard/public-wg-net1.key) | 0 | ||||
-rw-r--r-- | ansible/plays/files/birgitte/etc/wireguard/public-wg0.key (renamed from ansible/files/birgitte/etc/wireguard/public-wg0.key) | 0 | ||||
-rw-r--r-- | ansible/plays/files/conflatorio/etc/borg/id_ed25519.pub (renamed from ansible/files/conflatorio/etc/borg/id_ed25519.pub) | 0 | ||||
-rw-r--r-- | ansible/plays/files/conflatorio/etc/wireguard/public-wg-edipost.key (renamed from ansible/files/conflatorio/etc/wireguard/public-wg-edipost.key) | 0 | ||||
-rw-r--r-- | ansible/plays/files/conflatorio/etc/wireguard/public-wg0.key (renamed from ansible/files/conflatorio/etc/wireguard/public-wg0.key) | 0 | ||||
-rw-r--r-- | ansible/plays/files/knot/etc/wireguard/public-wg0.key (renamed from ansible/files/knot/etc/wireguard/public-wg0.key) | 0 | ||||
-rw-r--r-- | ansible/plays/files/knot/etc/wireguard/public-wg1.key (renamed from ansible/files/knot/etc/wireguard/public-wg1.key) | 0 | ||||
-rw-r--r-- | ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key | 1 | ||||
-rw-r--r-- | ansible/plays/files/webgateway/etc/wireguard/public-wg-hesland.key (renamed from ansible/files/webgateway/etc/wireguard/public-wg-hesland.key) | 0 | ||||
-rw-r--r-- | ansible/plays/wireguard.yml (renamed from ansible/wireguard.yml) | 0 | ||||
-rw-r--r-- | ansible/roles/wireguard/tasks/main.yml | 43 |
22 files changed, 24 insertions, 29 deletions
diff --git a/ansible/group_vars/all/wireguard_wg0.yml b/ansible/group_vars/all/wireguard_wg0.yml index 42b149b..872c432 100644 --- a/ansible/group_vars/all/wireguard_wg0.yml +++ b/ansible/group_vars/all/wireguard_wg0.yml @@ -22,3 +22,6 @@ wireguard-wg0: akili: state: present ipv6: fdf3:aad9:a885:0b3a::7 + malabaricus: + state: present + ipv6: fdf3:aad9:a885:0b3a::8 diff --git a/ansible/inventory b/ansible/inventory index 638ee5b..5ae2af7 100644 --- a/ansible/inventory +++ b/ansible/inventory @@ -13,7 +13,7 @@ all: homepi: ansible_host: homepi.local malabaricus: - ansible_host: malabaricus.trygvis.io + ansible_host: 10.13.37.187 # malabaricus.trygvis.io conflatorio: ansible_host: conflatorio.trygvis.io akili: @@ -144,10 +144,11 @@ all: hosts: akili: arius: + astyanax: birgitte: conflatorio: knot: - astyanax: + malabaricus: wireguard_wg1: hosts: diff --git a/ansible/files/akili/etc/wireguard/public-wg-net1.key b/ansible/plays/files/akili/etc/wireguard/public-wg-net1.key index 31725d2..31725d2 100644 --- a/ansible/files/akili/etc/wireguard/public-wg-net1.key +++ b/ansible/plays/files/akili/etc/wireguard/public-wg-net1.key diff --git a/ansible/plays/files/akili/etc/wireguard/public-wg0.key b/ansible/plays/files/akili/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..f94a7b2 --- /dev/null +++ b/ansible/plays/files/akili/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +pFbHqAJuQPR+JwHDT6YT9pIpGPfDdhM1WU6RXfrZjCQ= diff --git a/ansible/files/android-trygvis/etc/wireguard/public-wg1.key b/ansible/plays/files/android-trygvis/etc/wireguard/public-wg1.key index 4ab6833..4ab6833 100644 --- a/ansible/files/android-trygvis/etc/wireguard/public-wg1.key +++ b/ansible/plays/files/android-trygvis/etc/wireguard/public-wg1.key diff --git a/ansible/files/arius/etc/borg/id_ed25519.pub b/ansible/plays/files/arius/etc/borg/id_ed25519.pub index b4e14aa..b4e14aa 100644 --- a/ansible/files/arius/etc/borg/id_ed25519.pub +++ b/ansible/plays/files/arius/etc/borg/id_ed25519.pub diff --git a/ansible/files/arius/etc/wireguard/public-wg-hesland.key b/ansible/plays/files/arius/etc/wireguard/public-wg-hesland.key index 3102f19..3102f19 100644 --- a/ansible/files/arius/etc/wireguard/public-wg-hesland.key +++ b/ansible/plays/files/arius/etc/wireguard/public-wg-hesland.key diff --git a/ansible/files/arius/etc/wireguard/public-wg-net1.key b/ansible/plays/files/arius/etc/wireguard/public-wg-net1.key index 879fa3c..879fa3c 100644 --- a/ansible/files/arius/etc/wireguard/public-wg-net1.key +++ b/ansible/plays/files/arius/etc/wireguard/public-wg-net1.key diff --git a/ansible/files/arius/etc/wireguard/public-wg0.key b/ansible/plays/files/arius/etc/wireguard/public-wg0.key index a722138..a722138 100644 --- a/ansible/files/arius/etc/wireguard/public-wg0.key +++ b/ansible/plays/files/arius/etc/wireguard/public-wg0.key diff --git a/ansible/files/birgitte/etc/borg/id_ed25519.pub b/ansible/plays/files/birgitte/etc/borg/id_ed25519.pub index f4b79b5..f4b79b5 100644 --- a/ansible/files/birgitte/etc/borg/id_ed25519.pub +++ b/ansible/plays/files/birgitte/etc/borg/id_ed25519.pub diff --git a/ansible/files/birgitte/etc/systemd/network/51-eth0.network b/ansible/plays/files/birgitte/etc/systemd/network/51-eth0.network index 82831c5..82831c5 100644 --- a/ansible/files/birgitte/etc/systemd/network/51-eth0.network +++ b/ansible/plays/files/birgitte/etc/systemd/network/51-eth0.network diff --git a/ansible/files/birgitte/etc/wireguard/public-wg-net1.key b/ansible/plays/files/birgitte/etc/wireguard/public-wg-net1.key index 22e2fe3..22e2fe3 100644 --- a/ansible/files/birgitte/etc/wireguard/public-wg-net1.key +++ b/ansible/plays/files/birgitte/etc/wireguard/public-wg-net1.key diff --git a/ansible/files/birgitte/etc/wireguard/public-wg0.key b/ansible/plays/files/birgitte/etc/wireguard/public-wg0.key index d595dff..d595dff 100644 --- a/ansible/files/birgitte/etc/wireguard/public-wg0.key +++ b/ansible/plays/files/birgitte/etc/wireguard/public-wg0.key diff --git a/ansible/files/conflatorio/etc/borg/id_ed25519.pub b/ansible/plays/files/conflatorio/etc/borg/id_ed25519.pub index 7bdbe0c..7bdbe0c 100644 --- a/ansible/files/conflatorio/etc/borg/id_ed25519.pub +++ b/ansible/plays/files/conflatorio/etc/borg/id_ed25519.pub diff --git a/ansible/files/conflatorio/etc/wireguard/public-wg-edipost.key b/ansible/plays/files/conflatorio/etc/wireguard/public-wg-edipost.key index dd3609c..dd3609c 100644 --- a/ansible/files/conflatorio/etc/wireguard/public-wg-edipost.key +++ b/ansible/plays/files/conflatorio/etc/wireguard/public-wg-edipost.key diff --git a/ansible/files/conflatorio/etc/wireguard/public-wg0.key b/ansible/plays/files/conflatorio/etc/wireguard/public-wg0.key index f4cc915..f4cc915 100644 --- a/ansible/files/conflatorio/etc/wireguard/public-wg0.key +++ b/ansible/plays/files/conflatorio/etc/wireguard/public-wg0.key diff --git a/ansible/files/knot/etc/wireguard/public-wg0.key b/ansible/plays/files/knot/etc/wireguard/public-wg0.key index 8caf3db..8caf3db 100644 --- a/ansible/files/knot/etc/wireguard/public-wg0.key +++ b/ansible/plays/files/knot/etc/wireguard/public-wg0.key diff --git a/ansible/files/knot/etc/wireguard/public-wg1.key b/ansible/plays/files/knot/etc/wireguard/public-wg1.key index 0b891d1..0b891d1 100644 --- a/ansible/files/knot/etc/wireguard/public-wg1.key +++ b/ansible/plays/files/knot/etc/wireguard/public-wg1.key diff --git a/ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key b/ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..6fe02dc --- /dev/null +++ b/ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +spjhTSR22/RyPy7D2AnMLLzzHuasXD6W4J5Xwuo+UTQ= diff --git a/ansible/files/webgateway/etc/wireguard/public-wg-hesland.key b/ansible/plays/files/webgateway/etc/wireguard/public-wg-hesland.key index e9aa962..e9aa962 100644 --- a/ansible/files/webgateway/etc/wireguard/public-wg-hesland.key +++ b/ansible/plays/files/webgateway/etc/wireguard/public-wg-hesland.key diff --git a/ansible/wireguard.yml b/ansible/plays/wireguard.yml index 26ee9ff..26ee9ff 100644 --- a/ansible/wireguard.yml +++ b/ansible/plays/wireguard.yml diff --git a/ansible/roles/wireguard/tasks/main.yml b/ansible/roles/wireguard/tasks/main.yml index 787c67c..62d64ce 100644 --- a/ansible/roles/wireguard/tasks/main.yml +++ b/ansible/roles/wireguard/tasks/main.yml @@ -12,12 +12,23 @@ - name: Install packages tags: packages apt: - name: "{{ items }}" - install_recommends: no - vars: - items: + name: - wireguard - - "{{ 'linux-headers-amd64' if ansible_architecture == 'x86_64' else 'linux-headers-686-pae' }}" + install_recommends: no + - name: Install packages (amd64) + tags: packages + apt: + name: + - linux-headers-amd64 + install_recommends: no + when: ansible_architecture == 'x86_64' + - name: Install packages (i686) + tags: packages + apt: + name: + - linux-headers-i686-pae + install_recommends: no + when: ansible_architecture == 'i686' - name: systemctl enable systemd-networkd systemd: @@ -153,25 +164,3 @@ when: links[wg_net.if] is defined vars: links: "{{ ip_link.stdout | from_json | items2dict(key_name='ifname', value_name='ifname') }}" - -- name: generate dns records - tags: -# - wireguard -# - wireguard-dns-records - - never - local_action: - module: copy - content: | - wireguard_dns_records_{{ wg_net.if }}: - {% for c in wireguard__clients|sort %} - {% set client = wireguard__clients[c] %} - - type: A - name: {{ c }} - value: {{ client.ipv4 }} - state: {{ client.state }} - - type: AAAA - name: {{ c }} - value: {{ client.ipv6 }} - state: {{ client.state }} - {% endfor %} - dest: "files/wireguard-dns-records-{{ wg_net.if }}.yml" |