PiFrame/ansible-role-wireguard
Archived
1
0
Fork 0
Code Pull requests Releases Activity

review: block, var name, shell pipe

Browse source
This commit is contained in:
juju4 2020-04-04 15:30:45 -04:00
parent cdec7e34c6
commit 1894bf07dd
1 changed files with 34 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

62
tasks/main.yml
View file

@ -107,37 +107,43 @@
tags: tags:
- wg-config - wg-config
- name: Create private key for unmanaged hosts - block:
shell: "wg genkey | tee {{ wireguard_remote_directory }}/{{ item.host }}-privatekey" - name: Create private key for unmanaged hosts
args: shell: |
creates: "{{ wireguard_remote_directory }}/{{ item.host }}-privatekey" set -o errexit
register: uh_privkey set -o pipefail
with_items: "{{ wireguard_unmanaged_hosts | default([]) }}" wg genkey | tee {{ wireguard_remote_directory }}/{{ item.host }}-privatekey
exit 0
args:
creates: "{{ wireguard_remote_directory }}/{{ item.host }}-privatekey"
register: uh_private_key
with_items: "{{ wireguard_unmanaged_hosts | default([]) }}"
- name: Validate permissions of unmanaged hosts' private keys - name: Validate permissions of unmanaged hosts' private keys
file: file:
path: "{{ wireguard_remote_directory }}/{{ item.host }}-privatekey" path: "{{ wireguard_remote_directory }}/{{ item.host }}-privatekey"
mode: '0400' mode: '0400'
with_items: "{{ wireguard_unmanaged_hosts | default([]) }}" with_items: "{{ wireguard_unmanaged_hosts | default([]) }}"
- name: Recover existing private key for unmanaged hosts - name: Recover existing private key for unmanaged hosts
shell: "cat {{ wireguard_remote_directory }}/{{ item.host }}-privatekey" shell: "cat {{ wireguard_remote_directory }}/{{ item.host }}-privatekey"
register: uh_privkey register: uh_private_key
changed_when: false changed_when: false
with_items: "{{ wireguard_unmanaged_hosts | default([]) }}" with_items: "{{ wireguard_unmanaged_hosts | default([]) }}"
- name: Derive WireGuard public key for unmanaged hosts - name: Derive WireGuard public key for unmanaged hosts
shell: "cat {{ wireguard_remote_directory }}/{{ item.host }}-privatekey | wg pubkey | tee {{ wireguard_remote_directory }}/{{ item.host }}-pubkey" shell: "cat {{ wireguard_remote_directory }}/{{ item.host }}-privatekey | wg pubkey | tee {{ wireguard_remote_directory }}/{{ item.host }}-pubkey"
args: args:
creates: "{{ wireguard_remote_directory }}/{{ item.host }}-pubkey" creates: "{{ wireguard_remote_directory }}/{{ item.host }}-pubkey"
register: uh_pubkey register: uh_pubkey
with_items: "{{ wireguard_unmanaged_hosts | default([]) }}" with_items: "{{ wireguard_unmanaged_hosts | default([]) }}"
- name: Recover existing public key for unmanaged hosts - name: Recover existing public key for unmanaged hosts
shell: "cat {{ wireguard_remote_directory }}/{{ item.host }}-pubkey" shell: "cat {{ wireguard_remote_directory }}/{{ item.host }}-pubkey"
register: uh_pubkey register: uh_pubkey
changed_when: false changed_when: false
with_items: "{{ wireguard_unmanaged_hosts | default([]) }}" with_items: "{{ wireguard_unmanaged_hosts | default([]) }}"
when: wireguard_unmanaged_hosts is defined and wireguard_unmanaged_hosts
- name: Generate WireGuard configuration file - name: Generate WireGuard configuration file
template: template:
@ -158,7 +164,7 @@
owner: root owner: root
group: root group: root
mode: 0600 mode: 0600
with_items: "{{ uh_privkey.results }}" with_items: "{{ uh_private_key.results }}"
- name: Check if reload-module-on-update is set - name: Check if reload-module-on-update is set
stat: stat: