Add vpn:base role

This commit is contained in:
Wojciech Kozlowski 2022-12-07 22:07:39 +01:00
parent 2551993f86
commit 149e023534
6 changed files with 17 additions and 10 deletions

View File

@ -1,2 +1,3 @@
--- ---
- ansible.builtin.import_playbook: "plays/system/main.yml" - ansible.builtin.import_playbook: "plays/system/main.yml"
- ansible.builtin.import_playbook: "plays/vpn/main.yml"

View File

@ -3,6 +3,5 @@
hosts: asgard hosts: asgard
tasks: tasks:
- import_tasks: tasks/vpn/ipforward.yml
- import_tasks: tasks/vpn/bridge.yml - import_tasks: tasks/vpn/bridge.yml
- import_tasks: tasks/vpn/wireguard.yml - import_tasks: tasks/vpn/wireguard.yml

View File

@ -1,5 +0,0 @@
- sysctl:
name: net.ipv4.ip_forward
value: '1'
sysctl_file: /etc/sysctl.d/local.conf
reload: yes

View File

@ -1,7 +1,3 @@
- name: Install WireGuard
apt:
name: wireguard
- name: WireGuard interface configuration - name: WireGuard interface configuration
template: template:
src: ./filesystem/{{ ansible_hostname }}/etc/wireguard/wg0.conf.j2 src: ./filesystem/{{ ansible_hostname }}/etc/wireguard/wg0.conf.j2

6
plays/vpn/main.yml Normal file
View File

@ -0,0 +1,6 @@
---
- name: "vpn : group:all"
hosts: "all"
roles:
- role: "base"
tags: "vpn:base"

View File

@ -0,0 +1,10 @@
- name: "enable ipv4 forwarding"
ansible.posix.sysctl:
name: "net.ipv4.ip_forward"
value: "1"
sysctl_file: "/etc/sysctl.d/local.conf"
reload: true
- name: "install wireguard"
ansible.builtin.apt:
name: "wireguard"