adc/ansible/roles/wg_vpn/tasks/main.yml

---
# tasks file for wg_vpn
# playbook to go from a "base configured" server to a wg vpn peer

- name: add unstable to repos
  shell: |
    echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list
    printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable

- name: install wireguard
  apt:
    name:
      - wireguard
      - build-essential
      - dkms
    update_cache: yes
    state: latest

    
- name: Enable IP forwarding
  sysctl: name={{ item }} value=1 state=present
  with_items:
    - net.ipv4.ip_forward
    - net.ipv6.conf.all.forwarding

- name: Create wireguard config directory
  file: state=directory path=/etc/wireguard owner=root group=root mode=0700

- name: Install wireguard configuration
  template: src=wg0.conf dest=/etc/wireguard/wg0.conf owner=root group=root mode=0600
  notify: restart wireguard

- name: Start wireguard
  service: name=wg-quick@wg0.service enabled=yes state=started

- name: Create matrix.conf file in ~/wireguard/.
  template: src=ios.conf dest=/etc/wireguard/ owner=root mode=0600
  tags:
    - clients
    - client_matrix

- name: Create .conf file in /etc/wireguard/.
  template: src=ling8.conf dest=/etc/wireguard/ owner=root mode=0600
  tags:
    - clients
    - client_ling8
Move ansible stuff to ansible folder. 2020-01-05 00:13:19 +00:00			`---`
			`# tasks file for wg_vpn`
			`# playbook to go from a "base configured" server to a wg vpn peer`
Remove vars/host declarations. 2020-01-08 20:09:29 +00:00
Add role specific declarations. 2020-01-08 23:02:02 +00:00			`- name: add unstable to repos`
			`shell: \|`
			`echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list`
			`printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable`
Move ansible stuff to ansible folder. 2020-01-05 00:13:19 +00:00
Add role specific declarations. 2020-01-08 23:02:02 +00:00			`- name: install wireguard`
			`apt:`
			`name:`
			`- wireguard`
			`- build-essential`
			`- dkms`
			`update_cache: yes`
			`state: latest`
Move ansible stuff to ansible folder. 2020-01-05 00:13:19 +00:00
Add role specific declarations. 2020-01-08 23:02:02 +00:00
			`- name: Enable IP forwarding`
			`sysctl: name={{ item }} value=1 state=present`
			`with_items:`
			`- net.ipv4.ip_forward`
			`- net.ipv6.conf.all.forwarding`
Move ansible stuff to ansible folder. 2020-01-05 00:13:19 +00:00
Add role specific declarations. 2020-01-08 23:02:02 +00:00			`- name: Create wireguard config directory`
			`file: state=directory path=/etc/wireguard owner=root group=root mode=0700`
Move ansible stuff to ansible folder. 2020-01-05 00:13:19 +00:00
Add role specific declarations. 2020-01-08 23:02:02 +00:00			`- name: Install wireguard configuration`
			`template: src=wg0.conf dest=/etc/wireguard/wg0.conf owner=root group=root mode=0600`
			`notify: restart wireguard`
Move ansible stuff to ansible folder. 2020-01-05 00:13:19 +00:00
Add role specific declarations. 2020-01-08 23:02:02 +00:00			`- name: Start wireguard`
			`service: name=wg-quick@wg0.service enabled=yes state=started`
Add ability to deploy matrix client from ansible - add client_matrix.yml play - add new ios.conf template - update main.yml task to include matrix.conf template deploy and tags. 2020-01-14 21:42:22 +00:00
			`- name: Create matrix.conf file in ~/wireguard/.`
			`template: src=ios.conf dest=/etc/wireguard/ owner=root mode=0600`
			`tags:`
			`- clients`
			`- client_matrix`
Create new ling8 client config, reference it properly for deploys. 2020-01-19 22:08:34 +00:00
			`- name: Create .conf file in /etc/wireguard/.`
			`template: src=ling8.conf dest=/etc/wireguard/ owner=root mode=0600`
			`tags:`
			`- clients`
			`- client_ling8`