diff --git a/CHANGELOG.md b/CHANGELOG.md index aec6e1b..a2fd4ca 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,12 @@ SPDX-License-Identifier: GPL-3.0-or-later Changelog --------- +**8.1.0** + +- add Rocky Linux support +- add AlmaLinux support +- add Molecule tests for Rocky Linux and AlmaLinux + **8.0.0** - add `Debian 11 (Bullseye)` support diff --git a/README.md b/README.md index 744dcf3..140df66 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ This Ansible role is used in my blog series [Kubernetes the not so hard way with In general WireGuard is a network tunnel (VPN) for IPv4 and IPv6 that uses UDP. If you need more information about [WireGuard](https://www.wireguard.io/) you can find a good introduction here: [Installing WireGuard, the Modern VPN](https://research.kudelskisecurity.com/2017/06/07/installing-wireguard-the-modern-vpn/). -This role is mainly tested with Ubuntu 20.04 (Focal Fossa) and Archlinux. Ubuntu 18.04 (Bionic Beaver), Debian 10 (Buster), Debian 11 (Bullseye), Fedora 33 (or later) and CentOS 7/8 should also work and are tested via the provided "Molecule" tests (see further down below). It should also work with `Raspbian Buster` but for this one there is no test available. MacOS (see below) should also work partitially but is only best effort. +This role is mainly tested with Ubuntu 20.04 (Focal Fossa) and Archlinux. Ubuntu 18.04 (Bionic Beaver), Debian 10 (Buster), Debian 11 (Bullseye), Fedora 33 (or later), CentOS 7/8, AlmaLinux and Rocky Linux should also work and are tested via the provided "Molecule" tests (see further down below). It should also work with `Raspbian Buster` but for this one there is no test available. MacOS (see below) should also work partitially but is only best effort. ### Running the VPN on MacOS diff --git a/molecule/kvm/molecule.yml b/molecule/kvm/molecule.yml index 0e85d0d..8c1e04a 100644 --- a/molecule/kvm/molecule.yml +++ b/molecule/kvm/molecule.yml @@ -115,6 +115,24 @@ platforms: ip: 192.168.10.110 groups: - vpn + - name: test-wg-rocky8 + box: generic/rocky8 + interfaces: + - auto_config: true + network_name: private_network + type: static + ip: 192.168.10.120 + groups: + - vpn + - name: test-wg-alma8 + box: generic/alma8 + interfaces: + - auto_config: true + network_name: private_network + type: static + ip: 192.168.10.130 + groups: + - vpn provisioner: name: ansible @@ -184,6 +202,16 @@ provisioner: wireguard_persistent_keepalive: "30" wireguard_endpoint: "192.168.10.110" ansible_python_interpreter: "/usr/bin/python3" + test-wg-rocky8: + wireguard_address: "10.10.10.120/24" + wireguard_port: 51820 + wireguard_persistent_keepalive: "30" + wireguard_endpoint: "192.168.10.120" + test-wg-alma8: + wireguard_address: "10.10.10.130/24" + wireguard_port: 51820 + wireguard_persistent_keepalive: "30" + wireguard_endpoint: "192.168.10.130" scenario: name: kvm diff --git a/tasks/setup-almalinux-8.yml b/tasks/setup-almalinux-8.yml new file mode 100644 index 0000000..e4a7b4a --- /dev/null +++ b/tasks/setup-almalinux-8.yml @@ -0,0 +1,23 @@ +--- +# Copyright (C) 2021 Robert Wimmer +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: (AlmaLinux 8) Install EPEL & ELRepo repository + yum: + name: + - epel-release + - elrepo-release + update_cache: true + +- name: (AlmaLinux 8) Ensure WireGuard DKMS package is removed + yum: + name: + - "wireguard-dkms" + state: absent + +- name: (AlmaLinux 8) Install WireGuard packages + yum: + name: + - "kmod-wireguard" + - "wireguard-tools" + state: present diff --git a/tasks/setup-rocky-8.yml b/tasks/setup-rocky-8.yml new file mode 100644 index 0000000..2409bce --- /dev/null +++ b/tasks/setup-rocky-8.yml @@ -0,0 +1,23 @@ +--- +# Copyright (C) 2021 Robert Wimmer +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: (Rocky Linux 8) Install EPEL & ELRepo repository + yum: + name: + - epel-release + - elrepo-release + update_cache: true + +- name: (Rocky Linux 8) Ensure WireGuard DKMS package is removed + yum: + name: + - "wireguard-dkms" + state: absent + +- name: (Rocky Linux 8) Install WireGuard packages + yum: + name: + - "kmod-wireguard" + - "wireguard-tools" + state: present