36 lines
889 B
YAML
36 lines
889 B
YAML
|
---
|
||
|
- name: Ensure wireguard is present
|
||
|
apt:
|
||
|
name: wireguard-tools
|
||
|
state: present
|
||
|
default_release: buster-backports
|
||
|
register: wireguard
|
||
|
|
||
|
- name: Ensure wireguard netdev configuration is present
|
||
|
template:
|
||
|
src: templates/wireguard/wireguard.netdev.j2
|
||
|
dest: "/etc/systemd/network/{{ gateway.vpn.name }}.netdev"
|
||
|
owner: root
|
||
|
group: root
|
||
|
mode: 0644
|
||
|
notify: restart networking
|
||
|
|
||
|
- name: Ensure wireguard network configuration is present
|
||
|
template:
|
||
|
src: templates/wireguard/wireguard.network.j2
|
||
|
dest: "/etc/systemd/network/{{ gateway.vpn.name }}.network"
|
||
|
owner: root
|
||
|
group: root
|
||
|
mode: 0644
|
||
|
notify: restart networking
|
||
|
|
||
|
- name: Reboot to allow wireguard to start
|
||
|
reboot:
|
||
|
when: wireguard.changed
|
||
|
|
||
|
- name: Ensure systemd-networkd is enabled and running
|
||
|
systemd:
|
||
|
name: systemd-networkd.service
|
||
|
state: started
|
||
|
enabled: yes
|