* Basic IPv6 support
Hosts can now have one IPv6, by specifying 'wireguard_address_v6' variable. This IP is added to peer's AllowedIPs.
Future plans :
- Support IPv6 only hosts (No 'wireguard_address')
- Allow the endpoint to be an IPv6 address
* Added 'wireguard_addresses' to use multiple IPs
Added the 'wireguard_addresses' variable to specify an array of IPv4 and IPv6. The old 'wireguard_address' variable can be deprecated even she still work to specify one IPv4.
The 'wireguard_address_v6' from last commit was deleted.
* Updating the README to use `wireguard_addresses`
* 13.0.0 changelog
* move register if config/private key handling out of wg subcommands block
* allow user to specify WireGuard interface restart behavior
* update README
* numeric values in meta/main.yml should be strings
* update Copyright
* fix indentation in tasks/setup-debian.yml
* update Copyright
* update Copyright
* truthy values should be lowercase
* add namespace key again to meta/main.yml
* add molecule/kvm/verify.yml with a very basic unit test
* Add editor fold sections
* Remove trailing whitespace
* Make the repo compliant with REUSE Specification v3.0
Closes: #71
Email addresses have all been removed from this commit as requested by
githubixx.
* Use common namespace "wireguard" for role facts
* Fix typo
* Explicitly state that GPL-3.0-or-later applies
Closes: #72
Those variables are directly in the namespace. Using the long form is
uncommon. A case could have been made if the later section of the config
(which uses `hostvars[host]`) has similar semantics but that is not the
case as those are peer sections.
* Add support for unmanaged WireGuard peers
Add variable wireguard_extra_peer_config that is raw WireGuard
configuration appended to the peers section. Value is a string
containing arbitrary wg-quick syntax.
This closes#41, and closes#45.
* update CHANGELOG (#63)
* Change unmanaged peers to dictionary instead of string
Based on review comment by @j8r in #63.
* README: update preshared_key example
Update wireguard_unmanaged_peers example for preshared_key.
Make it a comment to highlight it is optional and should probably be handled
like other secrets.
* Clean up jinja2 syntax
Based on review comments.
* Remove unneeded if of required public_key
The public_key is required for a wireguard peer so remove the if from
wireguard_unmanaged_peers public_key. The effect is that it is a syntax
error from Ansible rather than failing config validation when the config
has already been written and fails to load.
* merge stateless with no storage of local priv key
* Delete locally stored private key
* add reload module on update config file
* privatekey template is not used anymore
* remove all local keys priv and public
* use ansible_play_hosts instead of hardcoded vpn grp
should use the group in the play calling the role.
works fine when hosts bellong to several groups
* Clean tasks names
* add tag, and cleanup
* fix private key creation
* Support for mutliple wireguard vpn on same host
add inventory exemple in readme
* fix typo, add some comment on inventory
* add wg-config tag to Check config:
allow run with -t - wg-config
* Update tasks/main.yml
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* remove trailing whitespace
* Update templates/wg.conf.j2
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Update templates/wg.conf.j2
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* changes after githubixx code review
* readd new line to separate peers in config
* initial implementation - part 1
* first working version
* add handler
* separate includes for Debian based and Archlinux OS
* refactor
* update
* add meta tag
* added ArchLinux to galaxy meta info
* rename file / add more Wiregurad config options
* fix typo
* update README
* update README
* fixed typos
* update README / variable rename: wireguard_ip -> wireguard_address
