* Rename debian-setup role to point to vanilla Debian
* Add a specific setup role for Raspbian
This role will fail for now, Raspbian is not supported by this role as it is.
* Add a switch for Raspbian
* Add Raspbian role for installing WireGuard
* Raspbian: Handle reboot with molly-guard and older Ansible versions
Arch Linux ships a Linux kernel > 5.6 and doesn't require DKMS.
Move the package list variable to (distribution-specific) var files.
For the Arch Linux LTS kernel (5.4) a binary wireguard-lts package is
provided in [core].
* Changes wireguard apt repo to buster-backports
* Add repo only on buster or earlier
* No apt pin needed, backports has lower priority than main distribution
* Update CHANGELOG.md
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Clarify effects of updating on system state
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* merge stateless with no storage of local priv key
* Delete locally stored private key
* add reload module on update config file
* privatekey template is not used anymore
* remove all local keys priv and public
* use ansible_play_hosts instead of hardcoded vpn grp
should use the group in the play calling the role.
works fine when hosts bellong to several groups
* Clean tasks names
* add tag, and cleanup
* fix private key creation
* Support for mutliple wireguard vpn on same host
add inventory exemple in readme
* fix typo, add some comment on inventory
* add wg-config tag to Check config:
allow run with -t - wg-config
* Update tasks/main.yml
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* remove trailing whitespace
* Update templates/wg.conf.j2
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Update templates/wg.conf.j2
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* changes after githubixx code review
* readd new line to separate peers in config
* feat(debian) enable module to work on debian
Add support for Debian based on the documentation in debian wiki
and discussion in [0].
[0]: https://github.com/githubixx/ansible-role-wireguard/issues/5
* remove run_once for debian
* Install kernel headers on debian
There is no equivalent package of linux-headers-generic on debian.
Package installation needs to specify the architecture (i.e. amd64),
which is captured from dpkg output.
* Only use include_tasks to differentiate distributions
Before Archlinux was split out using ansible_os_family. But since
ansible_os_family overlaps for Debian and Ubuntu, two when
statements were used to split out these cases:
- All arch derivations
- Debian
- Ubuntu
New style is cleaner. Arch derivations can still be used by
overiding ansible_distribution in inventory.
* incorporate feedback: move pin file, other changed_when syntax