Commit Graph

63 Commits (34d33d5ffe356f7bc7cd0ab339696d7abc1d054d)

Author SHA1 Message Date
Robert Wimmer 34d33d5ffe
update CHANGELOG for Oracle Linux 9 (#187) 2 years ago
githubixx 4e6c265663 update CHANGELOG 2 years ago
githubixx 9f8e446ff1 fix merge conflict in CHANGELOG 2 years ago
Robert Wimmer 0cd8d01fb3
Update CentOS7 reboot handling (#186)
* fix typos in CHANGELOG

* update CentOS7 reboot handling
2 years ago
mofelee c58f736e32
Add reboot to the standard mode (#184) 2 years ago
Sebastian Wagner 314fec5248
option wireguard_update_cache to disable refresh
previously disable the cache update was only possible on ubuntu
using the generic name wireguard_update_cache it can be enabled for all
operating systems
2 years ago
Robert Wimmer c6159d4205
update CHANGELOG (#183) 2 years ago
Mathéo Cimbaro dd64b7bf2a
Allow to use multiple addresses and added IPv6 support (#174)
* Basic IPv6 support

Hosts can now have one IPv6, by specifying 'wireguard_address_v6' variable. This IP is added to peer's AllowedIPs.

Future plans :
- Support IPv6 only hosts (No 'wireguard_address')
- Allow the endpoint to be an IPv6 address

* Added 'wireguard_addresses' to use multiple IPs

Added the 'wireguard_addresses' variable to specify an array of IPv4 and IPv6. The old 'wireguard_address' variable can be deprecated even she still work to specify one IPv4.

The 'wireguard_address_v6' from last commit was deleted.

* Updating the README to use `wireguard_addresses`

* 13.0.0 changelog
2 years ago
Robert Wimmer 4631fbdc06
12.0.0 (#181)
* Fix Molecule prepare for Archlinux

* remove Debian 10 (Buster) support (readed EOL)

* remove openSUSE 15.3 support (reached EOL)

* add openSUSE 15.4 to meta/main.yml

* fix ansible-lint issue in tasks/setup-debian-raspbian-buster.yml

* remove Fedora 35 support (reached EOL)

* update CHANGELOG
2 years ago
Robert Wimmer f6a6e4680a
Support elementary OS (#171)
* add support for elementary OS

* update README

* add skip_ansible_lint for two tasks

* ignore two ansible-lint warnings for Raspbian Buster tasks

* update CHANGELOG

* update comment in defaults/main.yml and README
2 years ago
Robert Wimmer f4573c5e8f
Rocky Linux + AlmaLinux support (#168)
* add EL9 to meta/main.yml

* require Ansible >= 2.11 as Rocky Linux is only supported with this version or above

* ansible-lint: use community.general.pacman module instead of ansible.builtin.pacman for Archlinux setup

* add support for Rocky Linux 9 and AlmaLinux 9

* add openSUSE Leap 15.4 to README.md

* update CHANGELOG.md
2 years ago
Robert Wimmer 3821005839
v10.0.0 (#162)
* remove support for Fedora 35 / add support for Fedora 36

* remove Fedora 34 + add Fedora 36 to Molecule test

* fix Jinja2 spacing

* fix Jinja2 spacing

* improve the task key order to: name, when, tags, block

* handlers/main.yml: names should start with an uppercase letter

* tasks/main.yml: names should start with an uppercase letter

* add .yamllint

* add Github release action to push new release to Ansible Galaxy

* add Molecule setup for openSUSE 15.4

* molecule/kvm-single-server: add verify.yml / enable verifier

* update CHANGELOG
2 years ago
Robert Wimmer fad7b1d7b0
Support Ubuntu 22.04 (Jammy Jellyfish) (#159)
* add Ubuntu 22.04 (Jammy Jellyfish) support

* update README
3 years ago
Robert Wimmer 8d395dd014
update CHANGELOG for 9.2.0 (#157)
* update CHANGELOG

* fix typo
3 years ago
Robert Wimmer 6b5fbe8b32
Updates (#150)
* update CHANGELOG

* fix typo

* fix host groups: el8-dkms -> el8dkms

* remove empty line

* update CHANGELOG
3 years ago
Robert Wimmer 2b3c878715
honor wireguard_save_config value (#149)
* honor wireguard_save_config value

* update CHANGELOG
3 years ago
Robert Wimmer ac98583ab5
Various updates (#142)
* move wireguard_private_key up in variable order in defaults/main.yml

* add opensuse 15.3 to Galaxy metadata

* remove trailing space

* remove blank line

* fix indentation in setup-debian.yml

* rename test-wg-opensuse-leap to test-wg-opensuse-leap-15-2 in molecule.yml

* add OpenSUSE 15.3 to Molecule test

* remove OpenSUSE Leap 15.2 support (EOL)

* remove Fedora 33 support (EOL)

* remove Fedora 33 + openSUSE Leap 15.2 variables from Molecule test

* add Fedora 35 support

* remove CentOS 8 support (EOL) - use AlmaLinux or Rocky Linux instead

* remove tasks/setup-centos-8.yml (CentOS 8 reached EOL)

* fix formatting issues and typos in README + CHANGELOG

* update CHANGELOG

* truthy value should false in tasks/setup-debian-pve-guest-variant.yml

* name task in tasks/main.yml

* name tasks in tasks/setup-debian.yml

* refactor Molecule setup

* remove Proxmox from Molecule test

* update CHANGELOG

* update CHANGELOG

* re-order IP address in Molecule test

* use different wireguard_port values for a few hosts in Molecule test for better testing
3 years ago
Felix Mai c4a5677f72
General improvements (#138)
* Rearrange hooks to match lifecycle order

* Fully qualify module names

BREAKING CHANGE: To use FQCNs at least Ansible 2.9 is required [2].

From the commonly presented note in the Ansible documentation, e. g.
of Ansible's builtin debug module [1]:

  [...] we recommend you use the FQCN for easy linking to the module
  documentation and to avoid conflicting with other collections that
  may have the same module name.

[1]: https://docs.ansible.com/ansible/latest/collections/ansible/builtin/debug_module.html
[2]: https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#where-did-all-the-modules-go

* Update changelog
3 years ago
Tobias Richter 5caaea2047
PVE guest and host detection (#127)
* Distinguish between proxmox host and guest setup

* Update CHANGELOG.md
3 years ago
Robert Wimmer 5f5320010f
add Molecule test for CentOS 7 kernel-plus (#131) 3 years ago
John Potter 4626475a9c
feat: Update CentOS 7 to use signed kernel-plus module (#129)
* feat: Update CentOS 7 to use signed kernel-plus module

* Apply suggestions from code review

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Update CentOS 7 for optional signed kernel-plus module

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
3 years ago
Robert Wimmer 692cce2f55
Add Rocky Linux/AlmaLinux support + Molecule tests (#123)
* Add Rocky Linux/AlmaLinux support + Molecule tests

* update CHANGELOG
3 years ago
Robert Wimmer 527c9ae967
Debian 11 + Fedora 34 support / Fedora 32 support removed (#118)
* add Debian 11 aka Bullseye

* add Debian 11 aka Bullseye to Molecule test

* update README

* added Fedora 34 + removed Fedora 32 support from meta/main.yml

* Debian 11 do not need kernel headers anymore

* remove Fedora 32 from Molecule test / add Fedora 34 + Debian 11 to Molecule test

* add rolename/namespace + make ansible-lint happy in meta/main.yml

* make ansible-lint happy

* (Archlinux) As linux-lts is using kernel 5.10 now there is no need to install wireguard-lts tools any longer (and this package is gone anyway)

* (Debian) fix ansible-lint issues

* update CHANGELOG
3 years ago
Robert Wimmer 027eaa99f7
update README for v7.12.0 of this role (#111) 3 years ago
Robert Wimmer 57340b6c06
Update readme chlog formatting (#108)
* handlers/main.yml: better formatting

* update README/CHANGELOG
4 years ago
Robert Wimmer 5178a9a097
update CHANGELOG (#100) 4 years ago
Robert Wimmer 364b1fe4f0
remove Fedora 31 support / add Fedora 33 support (#94)
* added support Fedora 33 support / remove Fedora 31 support

* update playbooks example

* add credits
4 years ago
Robert Wimmer 4c21076cb2
added support for openSUSE Leap 15.2 (#89) 4 years ago
Stefan Haun 5c0014aa62
Raspberry Pi: Use Backports instead of Debian Unstable (#88)
* Use Debian backports repositories

Use Debian backports instead of unstable to get wireguard. This is a more
stable solution and has less impact on the system.

Unfortunately a reboot is still required.

* Fix boot paths

* Update Changelog, switch to 7.7.0
4 years ago
Julien Reichardt c0e3e13e0a
Add wireguard_private_key variable (#69)
* Fix check mode for Debian

* Add wireguard_private_key variable

* Release 7.6.0

* Fix undefined `wg_syncconf` when using tags
4 years ago
Robert Wimmer 65e94eaebb
Fix Ubuntu 18 install (#85)
* CHANGELOG formatting

* No need to use PPA for Ubuntu 18 any longer

* update CHANGELOG

* Bring back task to install support packages for Ubuntu < 19.10 just to be sure
4 years ago
Robin Schneider db8bec1b0a
REUSE Specification v3.0 and other minor stuff (#76)
* Add editor fold sections

* Remove trailing whitespace

* Make the repo compliant with REUSE Specification v3.0

Closes: #71

Email addresses have all been removed from this commit as requested by
githubixx.

* Use common namespace "wireguard" for role facts

* Fix typo

* Explicitly state that GPL-3.0-or-later applies

Closes: #72
4 years ago
githubixx c009cac619 update CHANGELOG 4 years ago
Robin Schneider 0eac8789aa
Debian only: Ensure DKMS builds for the currently running kernel
Closes: #62
4 years ago
Robin Schneider cc0c5751b6
Add changelog entry for my first review/improvements round 4 years ago
Robin Schneider f3c590665d
WireGuard should be written "WireGuard" 4 years ago
Robin Schneider eb6a54a0a7
Fix typos 4 years ago
Robert Wimmer 4082794706
update README/CHANGELOG (#75) 4 years ago
Ruben Di Battista 3ef759edbb
Add basic support for macOS (#61)
Add macOS details in the README

Fix Archlinux spelling

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

Remove additional linux.yml file, use conditional block instead

Add CHANGELOG entry

Bump to 7.2.0 in CHANGELOG

Invert OS check on Darwin instead of Linux
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
4 years ago
Joonas Kuorilehto ee456757ed
Add support for unmanaged WireGuard peers (#63)
* Add support for unmanaged WireGuard peers

Add variable wireguard_extra_peer_config that is raw WireGuard
configuration appended to the peers section. Value is a string
containing arbitrary wg-quick syntax.

This closes #41, and closes #45.

* update CHANGELOG (#63)

* Change unmanaged peers to dictionary instead of string

Based on review comment by @j8r in #63.

* README: update preshared_key example

Update wireguard_unmanaged_peers example for preshared_key.
Make it a comment to highlight it is optional and should probably be handled
like other secrets.

* Clean up jinja2 syntax

Based on review comments.

* Remove unneeded if of required public_key

The public_key is required for a wireguard peer so remove the if from
wireguard_unmanaged_peers public_key. The effect is that it is a syntax
error from Ansible rather than failing config validation when the config
has already been written and fails to load.
4 years ago
Roman Danko c1f413f966
Switched to ELRepo for Centos (#59)
* Switched to ELRepo for Centos (#50)
- added switch to differentiate setup of Centos7/8
- replaced old repository by officialy recomended
- added step to remove old dkms wireguard package
- switched to install KMOD wireguard package

* Updated CHANGELOG after switching to ELRepo for Centos

* Update CHANGELOG.md

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Updted CHANGELOG: added notice about old wireguard Centos repository removal

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
4 years ago
Robert Wimmer d5b81cb75e
update CHANGELOG (#57)
Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Robert Wimmer 359d601008
update CHANGELOG for version 6.3.0 (#56)
Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Robert Wimmer 9f76b8baf5
Support Ubuntu 20.04 (#52)
* update Ansible Galaxy meta info (added Ubunut Focal Fossa / Debian Buster)

* update CHANGELOG (Ubuntu 20.04 support)

* move OS package installation to OS specific subtasks

* update README

* update CHANGELOG

Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Robert Wimmer 97f566ad85
cleanup (#51)
* update CHANGELOG

* fix typo

* update CHANGELOG

Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Ties de Kock 13621d4d68
Use wireguard from buster-backports on debian if needed (#49)
* Changes wireguard apt repo to buster-backports

* Add repo only on buster or earlier

* No apt pin needed, backports has lower priority than main distribution

* Update CHANGELOG.md

Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Clarify effects of updating on system state

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
5 years ago
Robert Wimmer 9be9694553
update README (version 6.0.3) (#47)
Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Robert Wimmer 43ad9a1cfe
add changes for version 6.0.2 (#44)
Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Robert Wimmer 3322faf576
Shell best practice (#40)
* add shell options to syncconf handler to fail fast in case of error

* update CHANGELOG
5 years ago
Robert Wimmer 8e7ed9e702
Use "wg syncconf" if available (#38)
* use wg syncconf if available

* use boolean as variable type for wg_syncconf

* update CHANGELOG

* update README
5 years ago