pixx/apLukov
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bp
apLukov/roles/wireguard/tasks/server.yml
David Zálešák 587ca23374 Initial commit
2024-10-30 01:50:38 +01:00

112 lines
4.0 KiB
YAML
Raw Permalink Blame History

---
# Set state status for wireguard interface
- name: Set state status for wireguard interface {{ item.id }}
ansible.builtin.set_fact:
wireguard_interface_state: "{{ item.state | default('present') }}"
# Delete wireguard interface
- name: Delete wireguard interface {{ item.id }}
when: "'absent' in wireguard_interface_state"
uci:
command: "absent"
config: "network"
section: "{{ item.id }}"
type: "interface"
# Create and configure wireguard interface
- name: Create and configure user-defined wireguard interface
when: "'present' in wireguard_interface_state"
block:
# Create wireguard interface
- name: Create wireguard interface {{ item.id }}
uci:
command: "add"
config: "network"
section: "{{ item.id }}"
type: "interface"
# Configure wireguard interface
- name: Configure user-defined wireguard interface {{ item.id }}
when: >
item.private_key is defined and
item.private_key | length > 0
uci:
command: "set"
config: "network"
section: "{{ item.id }}"
type: "interface"
value:
proto: "{{ item.proto | default(omit) }}"
private_key: "{{ item.private_key | default(omit) }}"
addresses: "{{ item.addresses | default(omit) }}"
listen_port: "{{ item.listen_port | default(omit) }}"
# Configure new wireguard interface
- name: Configure new wireguard interface
when: >
item.private_key is undefined or
item.private_key | length == 0
block:
# Check current wireguard private key
- name: Check current wireguard private key
uci:
command: "get"
config: "network"
section: "{{ item.id }}.private_key"
type: "interface"
register: current_wireguard_private_key
failed_when: >
current_wireguard_private_key.result is undefined and
'Entry not found' not in current_wireguard_private_key.result
# Set current generated wireguard private key fact
- name: Set current wireguard private key fact
ansible.builtin.set_fact:
wireguard_private_key: "{{ current_wireguard_private_key.result }}"
when: >
(current_wireguard_private_key.result is defined and
current_wireguard_private_key.result | length > 0) and
'Entry not found' not in current_wireguard_private_key.result
# Generate wireguard private key
- name: Generate wireguard private key
ansible.builtin.command:
cmd: "umask go= && wg genkey"
uses_shell: true
register: new_wireguard_private_key
when: >
current_wireguard_private_key.result is undefined or
'Entry not found' in current_wireguard_private_key.result
# Set newely generated wireguard private key fact
- name: Set newely generated wireguard private key fact
ansible.builtin.set_fact:
wireguard_private_key: "{{ new_wireguard_private_key.stdout }}"
when: >
new_wireguard_private_key.stdout is defined and
new_wireguard_private_key.stdout | length > 0
# Configure wireguard interface
- name: Configure wireguard interface {{ item.id }}
uci:
command: "set"
config: "network"
section: "{{ item.id }}"
type: "interface"
value:
proto: "{{ item.proto | default(omit) }}"
private_key: "{{ wireguard_private_key }}"
addresses: "{{ item.addresses | default(omit) }}"
listen_port: "{{ item.listen_port | default(omit) }}"
# Configure wireguard peers
- name: Configure wireguard peers
ansible.builtin.include_tasks: peer.yml
vars:
wireguard_interface_name: "wireguard_{{ item.id }}"
wireguard_interface_addresses: "{{ item.addresses }}"
loop: "{{ item.peers | default([]) }}"
loop_control:
extended: true
loop_var: wgpeer
Reference in New Issue View Git Blame Copy Permalink