~xenrox/ansible

39579f734778fa7f49ba1fa5dcdf5bb164a93176 — Thorben Günther 1 year, 9 months ago f716b43
wireguard_desktop: Rename role

Has additional support for internal wireguard config. Use a more
meaningful name for the wireguard config files.
5 files changed, 26 insertions(+), 9 deletions(-)

M playbooks/local.yml
A roles/wireguard_desktop/tasks/main.yml
A roles/wireguard_desktop/templates/wg-internal.conf.j2
R roles/{wireguard_vpn_client/templates/wg1.conf.j2 => wireguard_desktop/templates/wg-vpn.conf.j2}
D roles/wireguard_vpn_client/tasks/main.yml
M playbooks/local.yml => playbooks/local.yml +1 -1
@@ 8,4 8,4 @@
    - { role: ssh }
    - { role: croc }
    - { role: minio_client }
    - { role: wireguard_vpn_client }
    - { role: wireguard_desktop }

A roles/wireguard_desktop/tasks/main.yml => roles/wireguard_desktop/tasks/main.yml +16 -0
@@ 0,0 1,16 @@
---
- name: Configure wg-vpn
  ansible.builtin.template:
    src: wg-vpn.conf.j2
    dest: /etc/wireguard/wg-vpn.conf
    owner: root
    group: root
    mode: 0600

- name: Configure wg-internal
  ansible.builtin.template:
    src: wg-internal.conf.j2
    dest: /etc/wireguard/wg-internal.conf
    owner: root
    group: root
    mode: 0600

A roles/wireguard_desktop/templates/wg-internal.conf.j2 => roles/wireguard_desktop/templates/wg-internal.conf.j2 +9 -0
@@ 0,0 1,9 @@
[Interface]
Address = 10.0.0.1/24
PrivateKey = {{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/wireguard/localhost.key:content') | trim }}

[Peer]
PublicKey = {{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/wireguard/xenrox.net.pub:content') | trim }}
PresharedKey = {{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/wireguard/localhost.psk:content') | trim }}
Endpoint = xenrox.net:51820
AllowedIPs = 10.0.0.2/32

R roles/wireguard_vpn_client/templates/wg1.conf.j2 => roles/wireguard_desktop/templates/wg-vpn.conf.j2 +0 -0
D roles/wireguard_vpn_client/tasks/main.yml => roles/wireguard_vpn_client/tasks/main.yml +0 -8
@@ 1,8 0,0 @@
---
- name: Configure wireguard
  ansible.builtin.template:
    src: wg1.conf.j2
    dest: /etc/wireguard/wg1.conf
    owner: root
    group: root
    mode: 0600