41 lines
841 B
YAML
41 lines
841 B
YAML
---
|
|
# tasks file for debian/ansible/wireguard
|
|
- name: Include main vars
|
|
include_vars:
|
|
file: vars/main.yml
|
|
- name: Apt upgrade
|
|
apt:
|
|
update_cache: yes
|
|
upgrade: yes
|
|
become: yes
|
|
- name: Install wireguard
|
|
apt:
|
|
name:
|
|
- wireguard
|
|
- iptables
|
|
state: present
|
|
update_cache: yes
|
|
become: yes
|
|
- name: Copy wireguard config to /etc/wg0.conf
|
|
ansible.builtin.template:
|
|
src: templates/wg0.conf
|
|
dest: /etc/wireguard/wg0.conf
|
|
owner: root
|
|
group: root
|
|
mode: '0600'
|
|
become: yes
|
|
- name: Update ipv4 sysctl
|
|
ansible.posix.sysctl:
|
|
name: net.ipv4.ip_forward
|
|
value: '1'
|
|
sysctl_set: yes
|
|
state: present
|
|
reload: yes
|
|
become: yes
|
|
- name: Ensure wireguard is enabled and running
|
|
ansible.builtin.systemd:
|
|
state: restarted
|
|
enabled: yes
|
|
name: wg-quick@wg0
|
|
become: yes
|