full-dns/tasks/wireguard.yml

---
- name: Ensure wireguard is present
  apt:
    name: wireguard-tools
    state: present
    default_release: buster-backports
  register: wireguard

- name: Ensure wireguard configuration is present
  template:
    src: templates/wireguard.conf.j2
    dest: "/etc/wireguard/dns.conf"
    owner: root
    group: root
    mode: 0600
  notify: restart wireguard

- name: Enable IPv4 forwarding
  sysctl:
    name: net.ipv4.ip_forward
    value: 1
    reload: yes

- name: Reboot to allow wireguard to start
  reboot:
  when: wireguard.changed

- name: Ensure wireguard is enabled
  systemd:
    name: wg-quick@dns.service
    state: started
    enabled: yes
Init 2020-08-03 19:25:51 +02:00			`---`
			`- name: Ensure wireguard is present`
			`apt:`
			`name: wireguard-tools`
			`state: present`
			`default_release: buster-backports`
			`register: wireguard`

			`- name: Ensure wireguard configuration is present`
			`template:`
			`src: templates/wireguard.conf.j2`
			`dest: "/etc/wireguard/dns.conf"`
			`owner: root`
			`group: root`
			`mode: 0600`
			`notify: restart wireguard`

			`- name: Enable IPv4 forwarding`
			`sysctl:`
			`name: net.ipv4.ip_forward`
			`value: 1`
			`reload: yes`

			`- name: Reboot to allow wireguard to start`
			`reboot:`
			`when: wireguard.changed`

			`- name: Ensure wireguard is enabled`
			`systemd:`
			`name: wg-quick@dns.service`
			`state: started`
			`enabled: yes`