2020-01-05 00:13:19 +00:00
|
|
|
---
|
|
|
|
# tasks file for wg_vpn
|
|
|
|
# playbook to go from a "base configured" server to a wg vpn peer
|
2020-01-08 20:09:29 +00:00
|
|
|
|
2020-01-08 23:02:02 +00:00
|
|
|
- name: add unstable to repos
|
|
|
|
shell: |
|
|
|
|
echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list
|
|
|
|
printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable
|
2020-01-05 00:13:19 +00:00
|
|
|
|
2020-01-08 23:02:02 +00:00
|
|
|
- name: install wireguard
|
|
|
|
apt:
|
|
|
|
name:
|
|
|
|
- wireguard
|
|
|
|
- build-essential
|
|
|
|
- dkms
|
|
|
|
update_cache: yes
|
|
|
|
state: latest
|
2020-01-05 00:13:19 +00:00
|
|
|
|
2020-01-08 23:02:02 +00:00
|
|
|
|
|
|
|
- name: Enable IP forwarding
|
|
|
|
sysctl: name={{ item }} value=1 state=present
|
|
|
|
with_items:
|
|
|
|
- net.ipv4.ip_forward
|
|
|
|
- net.ipv6.conf.all.forwarding
|
2020-01-05 00:13:19 +00:00
|
|
|
|
2020-01-08 23:02:02 +00:00
|
|
|
- name: Create wireguard config directory
|
|
|
|
file: state=directory path=/etc/wireguard owner=root group=root mode=0700
|
2020-01-05 00:13:19 +00:00
|
|
|
|
2020-01-08 23:02:02 +00:00
|
|
|
- name: Install wireguard configuration
|
|
|
|
template: src=wg0.conf dest=/etc/wireguard/wg0.conf owner=root group=root mode=0600
|
|
|
|
notify: restart wireguard
|
2020-01-05 00:13:19 +00:00
|
|
|
|
2020-01-08 23:02:02 +00:00
|
|
|
- name: Start wireguard
|
|
|
|
service: name=wg-quick@wg0.service enabled=yes state=started
|
2020-01-14 21:42:22 +00:00
|
|
|
|
|
|
|
- name: Create matrix.conf file in ~/wireguard/.
|
|
|
|
template: src=ios.conf dest=/etc/wireguard/ owner=root mode=0600
|
|
|
|
tags:
|
|
|
|
- clients
|
|
|
|
- client_matrix
|
2020-01-31 17:33:16 +00:00
|
|
|
|
|
|
|
- name: Create frisket.conf file in ~/wireguard/.
|
2020-01-31 17:57:43 +00:00
|
|
|
template: src=frisket.conf dest=/etc/wireguard/ owner=root mode=0600
|
2020-01-31 17:33:16 +00:00
|
|
|
tags:
|
|
|
|
- clients
|
|
|
|
- client_frisket
|
2020-01-19 22:08:34 +00:00
|
|
|
|
2020-01-20 20:14:32 +00:00
|
|
|
- name: Create ling8.conf file in /etc/wireguard/.
|
2020-01-19 22:08:34 +00:00
|
|
|
template: src=ling8.conf dest=/etc/wireguard/ owner=root mode=0600
|
|
|
|
tags:
|
|
|
|
- clients
|
|
|
|
- client_ling8
|
2020-01-20 20:14:32 +00:00
|
|
|
|
|
|
|
- name: Create pvl.conf file in /etc/wireguard/.
|
|
|
|
template: src=pvl.conf dest=/etc/wireguard/ owner=root mode=0600
|
|
|
|
tags:
|
|
|
|
- clients
|
|
|
|
- client_pvl
|
|
|
|
|
2020-01-25 02:27:45 +00:00
|
|
|
- name: Create hatchery file in /etc/wireguard/.
|
|
|
|
template: src=wg0-hatchery.conf dest=/etc/wireguard/ owner=root mode=0600
|
|
|
|
tags:
|
|
|
|
- clients
|
|
|
|
- client_hatchery
|