|
|
|
---
|
|
|
|
# Copyright (C) 2020 Roman Danko
|
|
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
|
|
|
|
- name: (CentOS 7) Tasks for standard kernel
|
|
|
|
when:
|
|
|
|
- wireguard_centos7_installation_method == "standard"
|
|
|
|
block:
|
|
|
|
- name: (CentOS 7) Install EPEL & ELRepo repository
|
|
|
|
ansible.builtin.yum:
|
|
|
|
name:
|
|
|
|
- epel-release
|
|
|
|
- https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm
|
|
|
|
update_cache: "{{ wireguard_update_cache }}"
|
|
|
|
|
|
|
|
- name: (CentOS 7) Install yum-plugin-elrepo
|
|
|
|
ansible.builtin.yum:
|
|
|
|
name: yum-plugin-elrepo
|
|
|
|
update_cache: "{{ wireguard_update_cache }}"
|
|
|
|
|
|
|
|
- name: (CentOS 7) Install WireGuard packages
|
|
|
|
ansible.builtin.yum:
|
|
|
|
name:
|
|
|
|
- "kmod-wireguard"
|
|
|
|
- "wireguard-tools"
|
|
|
|
state: present
|
|
|
|
register: wireguard__centos7_yum_updates
|
|
|
|
|
|
|
|
- name: (CentOS 7) Reboot Instance to update kernel
|
|
|
|
when:
|
|
|
|
- wireguard_centos7_standard_reboot
|
|
|
|
- wireguard__centos7_yum_updates.changed
|
|
|
|
ansible.builtin.reboot:
|
|
|
|
reboot_timeout: "{{ wireguard_centos7_standard_reboot_timeout }}"
|
|
|
|
|
|
|
|
- name: (CentOS 7) Ensure WireGuard DKMS package is removed
|
|
|
|
ansible.builtin.yum:
|
|
|
|
name:
|
|
|
|
- "wireguard-dkms"
|
|
|
|
state: absent
|
|
|
|
|
|
|
|
- name: (CentOS 7 - kernel-plus) Tasks for kernel-plus
|
|
|
|
when:
|
|
|
|
- wireguard_centos7_installation_method == "kernel-plus"
|
|
|
|
block:
|
|
|
|
- name: (CentOS 7) Install EPEL repository & yum utils
|
|
|
|
ansible.builtin.yum:
|
|
|
|
name:
|
|
|
|
- epel-release
|
|
|
|
- yum-utils
|
|
|
|
update_cache: "{{ wireguard_update_cache }}"
|
|
|
|
|
|
|
|
- name: (CentOS 7 - kernel-plus) Enable CentosPlus repo
|
|
|
|
ansible.builtin.command: yum-config-manager --setopt=centosplus.includepkgs=kernel-plus --enablerepo=centosplus --save
|
|
|
|
changed_when: false
|
|
|
|
|
|
|
|
- name: (CentOS 7 - kernel-plus) Update to kernel-plus
|
|
|
|
ansible.builtin.replace:
|
|
|
|
path: /etc/sysconfig/kernel
|
|
|
|
regexp: '^DEFAULTKERNEL=kernel$'
|
|
|
|
replace: 'DEFAULTKERNEL=kernel-plus'
|
|
|
|
|
|
|
|
- name: (CentOS 7 - kernel-plus) Install WireGuard packages
|
|
|
|
ansible.builtin.yum:
|
|
|
|
name:
|
|
|
|
- "kernel-plus"
|
|
|
|
- "wireguard-tools"
|
|
|
|
state: present
|
|
|
|
register: wireguard__centos7_yum_updates
|
|
|
|
|
|
|
|
- name: (CentOS 7 - kernel-plus) Reboot Instance to update kernel
|
|
|
|
when:
|
|
|
|
- wireguard_centos7_kernel_plus_reboot
|
|
|
|
- wireguard__centos7_yum_updates.changes is defined
|
|
|
|
- wireguard__centos7_yum_updates.changes.installed|flatten|select('regex', '^kernel-plus$') is any
|
|
|
|
ansible.builtin.reboot:
|
|
|
|
reboot_timeout: "{{ wireguard_centos7_kernel_plus_reboot_timeout }}"
|