Add note about fork

Add s6-svc restart for containers
Started work on s6-svc restart of wireguard for containerized deployment(s)
2020-08-04 22:01:34 +00:00 · 2020-08-04 20:26:38 +00:00 · 2020-08-04 19:27:15 +00:00 · 2020-08-04 19:26:58 +00:00 · 2020-08-04 18:42:30 +00:00 · 2020-08-04 18:37:51 +00:00
7 changed files with 50 additions and 31 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,6 +1,10 @@
 Changelog
 ---------

+**6.3.1**
+
+- Support Openstack Debian images (contribution by @pallinger)
+
 **6.3.0**

 - Support Raspbian (contribution by @penguineer)
--- a/README.md
+++ b/README.md
@ -1,3 +1,5 @@
+# Fork of https://github.com/githubixx/ansible-role-wireguard.git with some minor tweaks to ensure PiFrameFleet can be provisioned properly
+
 ansible-role-wireguard
 ======================

--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -12,6 +12,9 @@ wireguard_port: "51820"
 # The default interface name that wireguard should use if not specified otherwise.
 wireguard_interface: "wg0"

+# Whether or not WireGuard is running in a container
+wireguard_containerized: false
+

 #######################################
 # Settings only relevant for Ubuntu
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -6,7 +6,7 @@
  loop:
  - stopped
  - started
-  when: not wg_syncconf
+  when: not wg_syncconf and not wireguard_containerized
  listen: "reconfigure wireguard"

 - name: syncconf wireguard
@ -19,5 +19,10 @@
      exit 0
  args:
    executable: "/bin/bash"
-  when: wg_syncconf
+  when: wg_syncconf and not wireguard_containerized
+  listen: "reconfigure wireguard"
+
+- name: restart wireguard (container)
+  command: /usr/bin/s6-svc -r /var/run/s6/services/wireguard
+  when: wireguard_containerized
  listen: "reconfigure wireguard"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -3,6 +3,7 @@
  setup:

 - include_tasks: "setup-{{ ansible_distribution|lower }}.yml"
+  when: not wireguard_containerized

 - name: Enable WireGuard kernel module
  modprobe:
@ -129,3 +130,4 @@
    name: "wg-quick@{{ wireguard_interface }}"
    state: started
    enabled: yes
+  when: not wireguard_containerized
--- a/tasks/setup-debian-vanilla.yml
+++ b/tasks/setup-debian-vanilla.yml
@ -18,10 +18,13 @@
  register: dpkg_arch
  changed_when: False

+- set_fact:
+    kernel_header_version: "{{ ('-cloud-' in ansible_kernel) | ternary(ansible_kernel,dpkg_arch.stdout) }}"
+
 - name: (Debian) Install kernel headers to compile Wireguard with DKMS
  apt:
    name:
-      - "linux-headers-{{ dpkg_arch.stdout }}"
+      - "linux-headers-{{ kernel_header_version }}"
    state: present

 - name: (Debian) Install wireguard packages
--- a/templates/wg.conf.j2
+++ b/templates/wg.conf.j2
@ -39,32 +39,32 @@ PostDown = {{ wg_postdown }}
 {% if hostvars[inventory_hostname].wireguard_save_config is defined %}
 SaveConfig = true
 {% endif %}
-{% for host in ansible_play_hosts %}
-  {% if host != inventory_hostname %}
+{% for host in ansible_play_hosts_all %}
+{% if host != inventory_hostname %}

-    [Peer]
-    # {{ host }}
-    PublicKey = {{hostvars[host].public_key}}
-    {% if hostvars[host].wireguard_allowed_ips is defined %}
-    AllowedIPs = {{hostvars[host].wireguard_allowed_ips}}
-    {% else %}
-    AllowedIPs = {{hostvars[host].wireguard_ip}}/32
-    {% endif %}
-    {% if hostvars[host].wireguard_persistent_keepalive is defined %}
-    PersistentKeepalive = {{hostvars[host].wireguard_persistent_keepalive}}
-    {% endif %}
-    {% if hostvars[host].wireguard_port is defined and hostvars[host].wireguard_port is number %}
-      {% if hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %}
-    Endpoint = {{hostvars[host].wireguard_endpoint}}:{{hostvars[host].wireguard_port}}
-      {% else %}
-    Endpoint = {{host}}:{{hostvars[host].wireguard_port}}
-      {% endif %}
-    {% elif hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %}
-    Endpoint = {{hostvars[host].wireguard_endpoint}}:{{wireguard_port}}
-    {% elif hostvars[host].wireguard_endpoint == "" %}
-    # No endpoint defined for this peer
-    {% else %}
-    Endpoint = {{host}}:{{wireguard_port}}
-    {% endif %}
-  {% endif %}
+[Peer]
+# {{ host }}
+PublicKey = {{hostvars[host].public_key}}
+{% if hostvars[host].wireguard_allowed_ips is defined %}
+AllowedIPs = {{hostvars[host].wireguard_allowed_ips}}
+{% else %}
+AllowedIPs = {{hostvars[host].wireguard_ip}}/32
+{% endif %}
+{% if hostvars[host].wireguard_persistent_keepalive is defined %}
+PersistentKeepalive = {{hostvars[host].wireguard_persistent_keepalive}}
+{% endif %}
+{% if hostvars[host].wireguard_port is defined and hostvars[host].wireguard_port is number %}
+{% if hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %}
+Endpoint = {{hostvars[host].wireguard_endpoint}}:{{hostvars[host].wireguard_port}}
+{% else %}
+Endpoint = {{host}}:{{hostvars[host].wireguard_port}}
+{% endif %}
+{% elif hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %}
+Endpoint = {{hostvars[host].wireguard_endpoint}}:{{wireguard_port}}
+{% elif hostvars[host].wireguard_endpoint == "" %}
+# No endpoint defined for this peer
+{% else %}
+Endpoint = {{host}}:{{wireguard_port}}
+{% endif %}
+{% endif %}
 {% endfor %}
Author	SHA1	Message	Date
KemoNine	53efc122e3	Add note about fork	2020-08-04 22:01:34 +00:00
KemoNine	0217d41830	Add s6-svc restart for containers	2020-08-04 20:26:38 +00:00
KemoNine	ef8de286b1	Started work on s6-svc restart of wireguard for containerized deployment(s)	2020-08-04 19:27:15 +00:00
KemoNine	fbc79beb72	remove unnecessary whitespace from wg.conf template	2020-08-04 19:26:58 +00:00
KemoNine	d1ed058fa8	Tweak default variable	2020-08-04 18:42:30 +00:00
KemoNine	d00bcb7d6a	Add missing default variable	2020-08-04 18:37:51 +00:00
KemoNine	0afb85375e	Add containerization skips	2020-08-04 17:49:30 +00:00
KemoNine	1faf8d9f12	Attempt to tweak config generator to include ALL hosts that could have been included in the play, rather than just the ones matching filters (helpful for controller deployments)	2020-08-04 17:39:33 +00:00
KemoNine	8fc7870c76	Tweak wireguard role to ensure the bare-metal tasks can be skipped	2020-08-04 06:37:03 +00:00
Robert Wimmer	d5b81cb75e	update CHANGELOG (#57 ) Co-authored-by: githubixx <home@tauceti.net>	2020-06-14 17:56:46 +02:00
pallinger	1997b9d710	Fix on debian openstack images (#55 ) * on openstack Debian images, the kernel is different, so we need to install different kernel headers, too * fix syntax error in conditional fact * remove debug message Co-authored-by: Peter Pallinger <pallinger@sztaki.hu>	2020-06-14 17:52:17 +02:00