---
# Install the wireguard, wireguard-dkms and wireguard-tools packages with apt,
# refreshing the package index first.
# NOTE(review): `state: latest` upgrades these packages to the newest version
# the configured repositories offer on every run, so the installed version is
# not pinned. Keep it if staying patched matters more than reproducibility;
# otherwise use `present` and upgrade through a controlled change.
- name: install wireguard
  apt:
    update_cache: true
    state: latest
    name:
      - wireguard
      - wireguard-dkms
      - wireguard-tools
# Set the IPv4 and IPv6 forwarding sysctls to 1 (state=present keeps the
# entries in the sysctl configuration).
# NOTE(review): both keys are global, so the host will forward packets between
# all of its interfaces, not only the WireGuard one. None of the tasks in this
# file sets a forwarding policy in the firewall; confirm that routed traffic is
# restricted elsewhere (e.g. a default-deny forward policy with an explicit
# allowance for the tunnel interface).
- name: Enable IP forwarding
  sysctl:
    name: "{{ item }}"
    value: "1"
    state: present
  loop:
    - net.ipv4.ip_forward
    - net.ipv6.conf.all.forwarding
# On Ubuntu hosts only, add a ufw rule allowing UDP port 51820.
# NOTE(review): the rule has no source restriction, so the port is reachable
# from any address ufw otherwise lets through. This task only adds the rule;
# it does not enable ufw or set a default policy, so on a host where ufw is
# inactive it has no filtering effect.
- name: Configure firewall (Ubuntu)
  when: ansible_distribution == "Ubuntu"
  ufw:
    rule: allow
    port: "51820"
    proto: udp
# Ensure /etc/wireguard exists as a root-owned directory that only root can
# enter or list (0700). The mode is quoted so YAML keeps it as the string
# "0700" instead of reading it as a number.
- name: Create wireguard config directory
  file:
    path: /etc/wireguard
    state: directory
    owner: root
    group: root
    mode: "0700"
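# Render the wg0.conf template to /etc/wireguard/wg0.conf, readable and
# writable by root only (0600), and trigger the "restart wireguard" handler
# when the rendered file changes.
# NOTE(review): a wg-quick interface file normally carries the interface
# PrivateKey (the template itself is not visible here, so confirm). With
# --diff, Ansible prints the rendered content of a changed template into
# console output and any log or CI capture of it; no_log keeps this task's
# result, including the diff, out of that output. Drop it temporarily when
# debugging a template failure.
- name: Install wireguard configuration
  template:
    src: wg0.conf
    dest: /etc/wireguard/wg0.conf
    owner: root
    group: root
    mode: "0600"
  no_log: true
  notify: restart wireguard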
# Enable the wg-quick@wg0 unit at boot and make sure it is running now.
# `state: started` does not restart a unit that is already running, so picking
# up a changed wg0.conf depends on the "restart wireguard" handler notified by
# the configuration task.
- name: Start wireguard
  service:
    name: wg-quick@wg0.service
    state: started
    enabled: true