forked from FF-RGB/ansible
Markus Hauschild
1f0b671545
This is still work in progress, as such it is only enabled on the test gateway.
24 lines
748 B
YAML
24 lines
748 B
YAML
---
|
|
|
|
- name: Enable backports
|
|
apt_repository: repo='deb http://deb.debian.org/debian buster-backports main'
|
|
|
|
- name: Install kernel headers
|
|
apt: name=linux-headers-amd64
|
|
|
|
- name: Install wireguard from backports
|
|
apt: name=wireguard-dkms default_release=buster-backports
|
|
|
|
- name: Configure wireguard options
|
|
template: src=wg.conf.j2 dest=/etc/wireguard/wg-{{ site_code }}.conf force=no mode=0600
|
|
register: wg_new_config
|
|
notify: Reload interfaces
|
|
|
|
- name: Generate wireguard keypair
|
|
command: sed -i 's/replace_me/$(wg genkey)/' /etc/wireguard/wg-{{ site_code }}.conf
|
|
when: wg_new_config.changed
|
|
|
|
- name: Configure mesh interfaces
|
|
template: src=mesh_wg.conf.j2 dest=/etc/network/interfaces.d/mesh_wg.conf
|
|
notify: Reload interfaces
|