ansible-ffrgb/roles/mesh_wg/tasks/main.yml

---

- name: Enable backports
  apt_repository: repo='deb http://deb.debian.org/debian buster-backports main'

- name: Install kernel headers
  apt: name=linux-headers-amd64

- name: Install wireguard from backports
  apt: name=wireguard-dkms default_release=buster-backports

- name: Configure wireguard options
  template: src=wg.conf.j2 dest=/etc/wireguard/wg-{{ site_code }}.conf force=no mode=0600
  register: wg_new_config
  notify: Reload interfaces

- name: Generate wireguard keypair
  command: sed -i 's/replace_me/$(wg genkey)/' /etc/wireguard/wg-{{ site_code }}.conf
  when: wg_new_config.changed

- name: Configure mesh interfaces
  template: src=mesh_wg.conf.j2 dest=/etc/network/interfaces.d/mesh_wg.conf
  notify: Reload interfaces
mesh_wg: new role for VXLAN over WG meshing This is still work in progress, as such it is only enabled on the test gateway. 2020-11-23 19:44:52 +01:00			`---`

			`- name: Enable backports`
			`apt_repository: repo='deb http://deb.debian.org/debian buster-backports main'`

			`- name: Install kernel headers`
			`apt: name=linux-headers-amd64`

			`- name: Install wireguard from backports`
			`apt: name=wireguard-dkms default_release=buster-backports`

			`- name: Configure wireguard options`
			`template: src=wg.conf.j2 dest=/etc/wireguard/wg-{{ site_code }}.conf force=no mode=0600`
			`register: wg_new_config`
			`notify: Reload interfaces`

			`- name: Generate wireguard keypair`
			`command: sed -i 's/replace_me/$(wg genkey)/' /etc/wireguard/wg-{{ site_code }}.conf`
			`when: wg_new_config.changed`

			`- name: Configure mesh interfaces`
			`template: src=mesh_wg.conf.j2 dest=/etc/network/interfaces.d/mesh_wg.conf`
			`notify: Reload interfaces`