skeleton for unmanged hosts

unmanaged-hosts
githubixx 4 years ago
parent d5b81cb75e
commit 9fdcbd9ac7

@ -1,7 +1,7 @@
--- ---
####################################### ################################################################################
# General settings # General settings
####################################### ################################################################################
# Directory to store WireGuard configuration on the remote hosts # Directory to store WireGuard configuration on the remote hosts
wireguard_remote_directory: "/etc/wireguard" wireguard_remote_directory: "/etc/wireguard"
@ -13,9 +13,26 @@ wireguard_port: "51820"
wireguard_interface: "wg0" wireguard_interface: "wg0"
####################################### ################################################################################
# Settings for devices like laptops, tablets, mobiles, etc. not managed by
# Ansible. If you don't have such devices just leave the variables commented.
################################################################################
# Directory to store configurations for unmanaged hosts
wireguard_unmanaged_hosts_directory: "{{ '~/wireguard_unmanaged_hosts' | expanduser }}"
#
wireguard_unmanaged_hosts_list:
- tablet01
- mobile01
#
wireguard_unmanaged_delegate_to: "127.0.0.1"
###############################################################################
# Settings only relevant for Ubuntu # Settings only relevant for Ubuntu
####################################### ###############################################################################
# Set to "false" if package cache should not be updated # Set to "false" if package cache should not be updated
wireguard_ubuntu_update_cache: "true" wireguard_ubuntu_update_cache: "true"

@ -1,8 +1,22 @@
--- ---
- name: Gather instance facts #- name: Gather instance facts
setup: # setup:
- include_tasks: "setup-{{ ansible_distribution|lower }}.yml" #- name: Include distribution specific tasks
# include_tasks: "setup-{{ ansible_distribution|lower }}.yml"
- name: Include unmanaged hosts variables
include_vars:
name: wireguard_unmanaged_host_{{ item }}
dir: vars
extensions:
- yml
- yaml
loop: "{{ wireguard_unmanaged_hosts_list }}"
when: wireguard_unmanaged_hosts_list is defined
- debug: var=wireguard_unmanaged_host_{{ item }}
loop: "{{ wireguard_unmanaged_hosts_list }}"
- name: Enable WireGuard kernel module - name: Enable WireGuard kernel module
modprobe: modprobe:

@ -0,0 +1,14 @@
{{ ansible_managed | comment }}
# For unmanaged host {{ item.item.host }}
# qrencode -t ansiutf8 < /etc/wireguard/{{ item.item.host }}.conf
[Interface]
PrivateKey = {{ item.stdout }}
Address = {{ item.item.allowed_ips }}
{% if item.item.dns is defined %}
DNS = {{ item.item.dns }}
{% endif %}
[Peer]
Endpoint = {{ wireguard_endpoint }}:{{ wireguard_port }}
PublicKey = {{ public_key }}
AllowedIPs = 0.0.0.0/0, ::/0

@ -0,0 +1,4 @@
wireguard_address: "10.8.0.11"
wireguard_port: "51820"
wireguard_dns: "1.1.1.1"
wireguard_mtu: "1492"

@ -0,0 +1,4 @@
wireguard_address: "10.8.0.10"
wireguard_port: "51820"
wireguard_dns: "1.1.1.1"
wireguard_mtu: "1492"
Loading…
Cancel
Save