WIP: Notes

debian/ansible/wireguard/tasks/main.yml

@@ -0,0 +1,40 @@
+---
+# tasks file for debian/ansible/wireguard
+- name: Include main vars
+  include_vars:
+    file: vars/main.yml
+- name: Apt upgrade
+  apt:
+    update_cache: yes
+    upgrade: yes
+  become: yes
+- name: Install wireguard
+  apt:
+    name: 
+      - wireguard
+      - iptables
+    state: present
+    update_cache: yes
+  become: yes
+- name: Copy wireguard config to /etc/wg0.conf
+  ansible.builtin.template:
+    src: templates/wg0.conf
+    dest: /etc/wireguard/wg0.conf
+    owner: root
+    group: root
+    mode: '0600'
+  become: yes
+- name: Update ipv4 sysctl
+  ansible.posix.sysctl:
+    name: net.ipv4.ip_forward
+    value: '1'
+    sysctl_set: yes
+    state: present
+    reload: yes
+  become: yes
+- name: Ensure wireguard is enabled and running
+  ansible.builtin.systemd:
+    state: restarted
+    enabled: yes
+    name: wg-quick@wg0
+  become: yes