systems/infrastructure
1
Fork 0
Code Issues 1 Pull requests 14 Activity Actions
infrastructure/ansible/roles/ingress/tasks/wireguard.yml

44 lines
980 B
YAML
Raw Blame History

- name: Install Wireguard
package:
name:
- wireguard-virt
- wireguard-tools
become: true
- name: Get wireguard credentials
set_fact:
ingress_wireguard: "{{ wireguard.clients.ingress }}"
- name: Wireguard config
template:
src: files/wireguard.conf
dest: /etc/wireguard/wg0.conf
mode: "0600"
backup: true
become: true
notify: restart wireguard
# Wireguard on Alpine doesn't ship a native OpenRC service
- name: Download wireguard service
get_url:
url: https://gitweb.gentoo.org/repo/gentoo.git/plain/net-vpn/wireguard-tools/files/wg-quick.init
dest: /etc/init.d/wg-quick.wg0
mode: "0755"
backup: yes
become: true
- name: Enable wireguard
service:
name: wg-quick.wg0
enabled: true
become: true
- name: Enable p2p communication
sysctl:
name: net.ipv4.ip_forward
value: "1"
sysctl_set: yes
state: present
reload: yes
sysctl_file: /etc/sysctl.d/99-sysctl.conf
become: true
Reference in a new issue View git blame Copy permalink