infrastructure/ansible/roles/gateway/tasks/wireguard.yml
Jake Howard 974e0e8467
Enable services
Not just during reload
2020-04-28 20:48:15 +01:00

37 lines
824 B
YAML

- name: Wireguard server config
template:
src: files/wireguard-server.conf
dest: /etc/wireguard/wg0.conf
backup: yes
become: true
register: wireguard_conf
- name: Enable wireguard
service:
name: wg-quick@wg0
enabled: true
become: true
- name: Restart wireguard
service:
name: wg-quick@wg0
state: restarted
when: wireguard_conf.changed
become: true
- name: Create wireguard client directory
file:
path: "{{ home }}/wireguard-clients"
state: directory
owner: "{{ user }}"
mode: 0700
- name: Wireguard client configuration
template:
src: files/wireguard-client.conf
dest: "{{ home }}/wireguard-clients/{{ item.key }}.conf"
owner: "{{ user }}"
mode: 0600
loop: "{{ wireguard.clients|dict2items }}"
loop_control:
label: "{{ item.key }}"