Initial implementation of wireguard monit checks

inventory.example

@@ -8,6 +8,9 @@ all:
 frames:
   hosts:
     frame1:
+  vars:
+    monit_wireguard: true
+    monit_wireguard_ip: 192.168.254.1
 wg:
   hosts:
       frame1:
@@ -34,7 +37,6 @@ wg:
           - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
           - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
   vars:
-    monit_wireguard: true
     wireguard_port: 51821
     wireguard_endpoint: 10.5.5.246
     wireguard_persistent_keepalive: 30

roles/monit/defaults/main.yml

@@ -12,6 +12,7 @@ monit_filesystems:
 
 # Monitor WireGuard?
 monit_wireguard: false
+monit_wireguard_ip: 192.168.254.1
 
 # Username / password for monit web service
 monit_web_user: "admin"

roles/monit/templates/wireguard

@@ -0,0 +1,5 @@
+check host wireguard address {{ monit_wireguard_ip }}
+    start program = "/usr/bin/systemctl start wg-quick@wg0"
+    stop program = "/usr/bin/systemctl stop wg-quick@wg0"
+    if does not exist then alert
+    if does not exist for 3 cycles then restart