Compare commits
No commits in common. "master" and "6.3.0" have entirely different histories.
|
|
@ -1,10 +1,6 @@
|
|||
Changelog
|
||||
---------
|
||||
|
||||
**6.3.1**
|
||||
|
||||
- Support Openstack Debian images (contribution by @pallinger)
|
||||
|
||||
**6.3.0**
|
||||
|
||||
- Support Raspbian (contribution by @penguineer)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
# Fork of https://github.com/githubixx/ansible-role-wireguard.git with some minor tweaks to ensure PiFrameFleet can be provisioned properly
|
||||
|
||||
ansible-role-wireguard
|
||||
======================
|
||||
|
||||
|
|
|
|||
|
|
@ -12,9 +12,6 @@ wireguard_port: "51820"
|
|||
# The default interface name that wireguard should use if not specified otherwise.
|
||||
wireguard_interface: "wg0"
|
||||
|
||||
# Whether or not WireGuard is running in a container
|
||||
wireguard_containerized: false
|
||||
|
||||
|
||||
#######################################
|
||||
# Settings only relevant for Ubuntu
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
loop:
|
||||
- stopped
|
||||
- started
|
||||
when: not wg_syncconf and not wireguard_containerized
|
||||
when: not wg_syncconf
|
||||
listen: "reconfigure wireguard"
|
||||
|
||||
- name: syncconf wireguard
|
||||
|
|
@ -19,10 +19,5 @@
|
|||
exit 0
|
||||
args:
|
||||
executable: "/bin/bash"
|
||||
when: wg_syncconf and not wireguard_containerized
|
||||
listen: "reconfigure wireguard"
|
||||
|
||||
- name: restart wireguard (container)
|
||||
command: /usr/bin/s6-svc -r /var/run/s6/services/wireguard
|
||||
when: wireguard_containerized
|
||||
when: wg_syncconf
|
||||
listen: "reconfigure wireguard"
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@
|
|||
setup:
|
||||
|
||||
- include_tasks: "setup-{{ ansible_distribution|lower }}.yml"
|
||||
when: not wireguard_containerized
|
||||
|
||||
- name: Enable WireGuard kernel module
|
||||
modprobe:
|
||||
|
|
@ -130,4 +129,3 @@
|
|||
name: "wg-quick@{{ wireguard_interface }}"
|
||||
state: started
|
||||
enabled: yes
|
||||
when: not wireguard_containerized
|
||||
|
|
|
|||
|
|
@ -18,13 +18,10 @@
|
|||
register: dpkg_arch
|
||||
changed_when: False
|
||||
|
||||
- set_fact:
|
||||
kernel_header_version: "{{ ('-cloud-' in ansible_kernel) | ternary(ansible_kernel,dpkg_arch.stdout) }}"
|
||||
|
||||
- name: (Debian) Install kernel headers to compile Wireguard with DKMS
|
||||
apt:
|
||||
name:
|
||||
- "linux-headers-{{ kernel_header_version }}"
|
||||
- "linux-headers-{{ dpkg_arch.stdout }}"
|
||||
state: present
|
||||
|
||||
- name: (Debian) Install wireguard packages
|
||||
|
|
|
|||
|
|
@ -39,32 +39,32 @@ PostDown = {{ wg_postdown }}
|
|||
{% if hostvars[inventory_hostname].wireguard_save_config is defined %}
|
||||
SaveConfig = true
|
||||
{% endif %}
|
||||
{% for host in ansible_play_hosts_all %}
|
||||
{% if host != inventory_hostname %}
|
||||
|
||||
[Peer]
|
||||
# {{ host }}
|
||||
PublicKey = {{hostvars[host].public_key}}
|
||||
{% if hostvars[host].wireguard_allowed_ips is defined %}
|
||||
AllowedIPs = {{hostvars[host].wireguard_allowed_ips}}
|
||||
{% else %}
|
||||
AllowedIPs = {{hostvars[host].wireguard_ip}}/32
|
||||
{% endif %}
|
||||
{% if hostvars[host].wireguard_persistent_keepalive is defined %}
|
||||
PersistentKeepalive = {{hostvars[host].wireguard_persistent_keepalive}}
|
||||
{% endif %}
|
||||
{% if hostvars[host].wireguard_port is defined and hostvars[host].wireguard_port is number %}
|
||||
{% if hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %}
|
||||
Endpoint = {{hostvars[host].wireguard_endpoint}}:{{hostvars[host].wireguard_port}}
|
||||
{% else %}
|
||||
Endpoint = {{host}}:{{hostvars[host].wireguard_port}}
|
||||
{% endif %}
|
||||
{% elif hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %}
|
||||
Endpoint = {{hostvars[host].wireguard_endpoint}}:{{wireguard_port}}
|
||||
{% elif hostvars[host].wireguard_endpoint == "" %}
|
||||
# No endpoint defined for this peer
|
||||
{% else %}
|
||||
Endpoint = {{host}}:{{wireguard_port}}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% for host in ansible_play_hosts %}
|
||||
{% if host != inventory_hostname %}
|
||||
|
||||
[Peer]
|
||||
# {{ host }}
|
||||
PublicKey = {{hostvars[host].public_key}}
|
||||
{% if hostvars[host].wireguard_allowed_ips is defined %}
|
||||
AllowedIPs = {{hostvars[host].wireguard_allowed_ips}}
|
||||
{% else %}
|
||||
AllowedIPs = {{hostvars[host].wireguard_ip}}/32
|
||||
{% endif %}
|
||||
{% if hostvars[host].wireguard_persistent_keepalive is defined %}
|
||||
PersistentKeepalive = {{hostvars[host].wireguard_persistent_keepalive}}
|
||||
{% endif %}
|
||||
{% if hostvars[host].wireguard_port is defined and hostvars[host].wireguard_port is number %}
|
||||
{% if hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %}
|
||||
Endpoint = {{hostvars[host].wireguard_endpoint}}:{{hostvars[host].wireguard_port}}
|
||||
{% else %}
|
||||
Endpoint = {{host}}:{{hostvars[host].wireguard_port}}
|
||||
{% endif %}
|
||||
{% elif hostvars[host].wireguard_endpoint is defined and hostvars[host].wireguard_endpoint != "" %}
|
||||
Endpoint = {{hostvars[host].wireguard_endpoint}}:{{wireguard_port}}
|
||||
{% elif hostvars[host].wireguard_endpoint == "" %}
|
||||
# No endpoint defined for this peer
|
||||
{% else %}
|
||||
Endpoint = {{host}}:{{wireguard_port}}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
|
|
|||
Reference in a new issue