diff --git a/defaults/main.yml b/defaults/main.yml index 39281c7..81c56d8 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -57,3 +57,16 @@ wireguard_centos7_installation_method: "standard" # The default seconds to wait for machine to reboot and respond wireguard_centos7_kernel_plus_reboot_timeout: "600" + +######################################### +# Settings only relevant for RockyLinux 8 +######################################### + +# Set wireguard_rockylinux8_installation_method to "dkms" +# to build WireGuard module from source, with wireguard-dkms. +# This is required if you use a custom kernel and/or your arch +# is not x64_64. +# +# The default of "standard" will install the kernel module +# with kmod-wireguard from ELRepo. +wireguard_rockylinux8_installation_method: "standard" diff --git a/molecule/kvm/molecule.yml b/molecule/kvm/molecule.yml index 8d82642..8fb9869 100644 --- a/molecule/kvm/molecule.yml +++ b/molecule/kvm/molecule.yml @@ -136,6 +136,17 @@ platforms: groups: - vpn - fedora + - name: test-wg-rocky8-dkms + box: generic/rocky8 + interfaces: + - auto_config: true + network_name: private_network + type: static + ip: 192.168.10.130 + groups: + - vpn + - el8 + - el8-dkms provisioner: name: ansible @@ -211,6 +222,12 @@ provisioner: wireguard_port: 51823 wireguard_persistent_keepalive: "30" wireguard_endpoint: "192.168.10.120" + test-wg-rocky8-dkms: + wireguard_address: "10.10.10.130/24" + wireguard_port: 51820 + wireguard_persistent_keepalive: "30" + wireguard_endpoint: "192.168.10.130" + wireguard_rockylinux8_installation_method: "dkms" scenario: name: kvm diff --git a/molecule/kvm/prepare.yml b/molecule/kvm/prepare.yml index c06b9dd..a813304 100644 --- a/molecule/kvm/prepare.yml +++ b/molecule/kvm/prepare.yml @@ -45,3 +45,16 @@ ansible.builtin.apt: update_cache: true cache_valid_time: 3600 + +- hosts: el8-dkms + remote_user: vagrant + become: true + gather_facts: true + tasks: + - name: Install ELRepo mainline kernel + ansible.builtin.raw: | + rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org + dnf install -y https://www.elrepo.org/elrepo-release-8.el8.elrepo.noarch.rpm + dnf --enablerepo=elrepo-kernel install -y kernel-ml + changed_when: false + failed_when: false diff --git a/tasks/setup-rocky-8.yml b/tasks/setup-rocky-8.yml index 7f2da15..894b98e 100644 --- a/tasks/setup-rocky-8.yml +++ b/tasks/setup-rocky-8.yml @@ -2,22 +2,56 @@ # Copyright (C) 2021 Robert Wimmer # SPDX-License-Identifier: GPL-3.0-or-later -- name: (Rocky Linux 8) Install EPEL & ELRepo repository - ansible.builtin.yum: - name: - - epel-release - - elrepo-release - update_cache: true - -- name: (Rocky Linux 8) Ensure WireGuard DKMS package is removed - ansible.builtin.yum: - name: - - "wireguard-dkms" - state: absent - -- name: (Rocky Linux 8) Install WireGuard packages - ansible.builtin.yum: - name: - - "kmod-wireguard" - - "wireguard-tools" - state: present +- name: (Rocky Linux 8) Tasks for standard kernel + block: + - name: (Rocky Linux 8) Install EPEL & ELRepo repository + ansible.builtin.yum: + name: + - epel-release + - elrepo-release + update_cache: true + + - name: (Rocky Linux 8) Ensure WireGuard DKMS package is removed + ansible.builtin.yum: + name: + - "wireguard-dkms" + state: absent + + - name: (Rocky Linux 8) Install WireGuard packages + ansible.builtin.yum: + name: + - "kmod-wireguard" + - "wireguard-tools" + state: present + when: + - wireguard_rockylinux8_installation_method == "standard" + +- name: (Rocky Linux 8) Tasks for non-standard kernel + block: + - name: (Rocky Linux 8) Install jdoss/wireguard COPR repository + community.general.copr: + state: enabled + name: jdoss/wireguard + chroot: epel-8-{{ ansible_architecture }} + + - name: (Rocky Linux 8) Install EPEL repository + ansible.builtin.yum: + name: + - epel-release + update_cache: true + + - name: (Rocky Linux 8) Ensure WireGuard KMOD package is removed + ansible.builtin.yum: + name: + - "kmod-wireguard" + state: absent + + - name: (Rocky Linux 8) Install WireGuard packages + ansible.builtin.yum: + name: + - "wireguard-dkms" + - "wireguard-tools" + state: present + when: + - wireguard_rockylinux8_installation_method == "dkms" +