Commit Graph

49 Commits (434fe955ca810b42d68d7d73463f1de2449b4073)

Author SHA1 Message Date
Robert Wimmer 6b5fbe8b32
Updates (#150)
* update CHANGELOG

* fix typo

* fix host groups: el8-dkms -> el8dkms

* remove empty line

* update CHANGELOG
3 years ago
Robert Wimmer 2b3c878715
honor wireguard_save_config value (#149)
* honor wireguard_save_config value

* update CHANGELOG
3 years ago
Robert Wimmer ac98583ab5
Various updates (#142)
* move wireguard_private_key up in variable order in defaults/main.yml

* add opensuse 15.3 to Galaxy metadata

* remove trailing space

* remove blank line

* fix indentation in setup-debian.yml

* rename test-wg-opensuse-leap to test-wg-opensuse-leap-15-2 in molecule.yml

* add OpenSUSE 15.3 to Molecule test

* remove OpenSUSE Leap 15.2 support (EOL)

* remove Fedora 33 support (EOL)

* remove Fedora 33 + openSUSE Leap 15.2 variables from Molecule test

* add Fedora 35 support

* remove CentOS 8 support (EOL) - use AlmaLinux or Rocky Linux instead

* remove tasks/setup-centos-8.yml (CentOS 8 reached EOL)

* fix formatting issues and typos in README + CHANGELOG

* update CHANGELOG

* truthy value should false in tasks/setup-debian-pve-guest-variant.yml

* name task in tasks/main.yml

* name tasks in tasks/setup-debian.yml

* refactor Molecule setup

* remove Proxmox from Molecule test

* update CHANGELOG

* update CHANGELOG

* re-order IP address in Molecule test

* use different wireguard_port values for a few hosts in Molecule test for better testing
3 years ago
Felix Mai c4a5677f72
General improvements (#138)
* Rearrange hooks to match lifecycle order

* Fully qualify module names

BREAKING CHANGE: To use FQCNs at least Ansible 2.9 is required [2].

From the commonly presented note in the Ansible documentation, e. g.
of Ansible's builtin debug module [1]:

  [...] we recommend you use the FQCN for easy linking to the module
  documentation and to avoid conflicting with other collections that
  may have the same module name.

[1]: https://docs.ansible.com/ansible/latest/collections/ansible/builtin/debug_module.html
[2]: https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#where-did-all-the-modules-go

* Update changelog
3 years ago
Tobias Richter 5caaea2047
PVE guest and host detection (#127)
* Distinguish between proxmox host and guest setup

* Update CHANGELOG.md
3 years ago
Robert Wimmer 5f5320010f
add Molecule test for CentOS 7 kernel-plus (#131) 3 years ago
John Potter 4626475a9c
feat: Update CentOS 7 to use signed kernel-plus module (#129)
* feat: Update CentOS 7 to use signed kernel-plus module

* Apply suggestions from code review

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Update CentOS 7 for optional signed kernel-plus module

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
3 years ago
Robert Wimmer 692cce2f55
Add Rocky Linux/AlmaLinux support + Molecule tests (#123)
* Add Rocky Linux/AlmaLinux support + Molecule tests

* update CHANGELOG
3 years ago
Robert Wimmer 527c9ae967
Debian 11 + Fedora 34 support / Fedora 32 support removed (#118)
* add Debian 11 aka Bullseye

* add Debian 11 aka Bullseye to Molecule test

* update README

* added Fedora 34 + removed Fedora 32 support from meta/main.yml

* Debian 11 do not need kernel headers anymore

* remove Fedora 32 from Molecule test / add Fedora 34 + Debian 11 to Molecule test

* add rolename/namespace + make ansible-lint happy in meta/main.yml

* make ansible-lint happy

* (Archlinux) As linux-lts is using kernel 5.10 now there is no need to install wireguard-lts tools any longer (and this package is gone anyway)

* (Debian) fix ansible-lint issues

* update CHANGELOG
3 years ago
Robert Wimmer 027eaa99f7
update README for v7.12.0 of this role (#111) 3 years ago
Robert Wimmer 57340b6c06
Update readme chlog formatting (#108)
* handlers/main.yml: better formatting

* update README/CHANGELOG
4 years ago
Robert Wimmer 5178a9a097
update CHANGELOG (#100) 4 years ago
Robert Wimmer 364b1fe4f0
remove Fedora 31 support / add Fedora 33 support (#94)
* added support Fedora 33 support / remove Fedora 31 support

* update playbooks example

* add credits
4 years ago
Robert Wimmer 4c21076cb2
added support for openSUSE Leap 15.2 (#89) 4 years ago
Stefan Haun 5c0014aa62
Raspberry Pi: Use Backports instead of Debian Unstable (#88)
* Use Debian backports repositories

Use Debian backports instead of unstable to get wireguard. This is a more
stable solution and has less impact on the system.

Unfortunately a reboot is still required.

* Fix boot paths

* Update Changelog, switch to 7.7.0
4 years ago
Julien Reichardt c0e3e13e0a
Add wireguard_private_key variable (#69)
* Fix check mode for Debian

* Add wireguard_private_key variable

* Release 7.6.0

* Fix undefined `wg_syncconf` when using tags
4 years ago
Robert Wimmer 65e94eaebb
Fix Ubuntu 18 install (#85)
* CHANGELOG formatting

* No need to use PPA for Ubuntu 18 any longer

* update CHANGELOG

* Bring back task to install support packages for Ubuntu < 19.10 just to be sure
4 years ago
Robin Schneider db8bec1b0a
REUSE Specification v3.0 and other minor stuff (#76)
* Add editor fold sections

* Remove trailing whitespace

* Make the repo compliant with REUSE Specification v3.0

Closes: #71

Email addresses have all been removed from this commit as requested by
githubixx.

* Use common namespace "wireguard" for role facts

* Fix typo

* Explicitly state that GPL-3.0-or-later applies

Closes: #72
4 years ago
githubixx c009cac619 update CHANGELOG 4 years ago
Robin Schneider 0eac8789aa
Debian only: Ensure DKMS builds for the currently running kernel
Closes: #62
4 years ago
Robin Schneider cc0c5751b6
Add changelog entry for my first review/improvements round 4 years ago
Robin Schneider f3c590665d
WireGuard should be written "WireGuard" 4 years ago
Robin Schneider eb6a54a0a7
Fix typos 4 years ago
Robert Wimmer 4082794706
update README/CHANGELOG (#75) 4 years ago
Ruben Di Battista 3ef759edbb
Add basic support for macOS (#61)
Add macOS details in the README

Fix Archlinux spelling

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

Remove additional linux.yml file, use conditional block instead

Add CHANGELOG entry

Bump to 7.2.0 in CHANGELOG

Invert OS check on Darwin instead of Linux
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
4 years ago
Joonas Kuorilehto ee456757ed
Add support for unmanaged WireGuard peers (#63)
* Add support for unmanaged WireGuard peers

Add variable wireguard_extra_peer_config that is raw WireGuard
configuration appended to the peers section. Value is a string
containing arbitrary wg-quick syntax.

This closes #41, and closes #45.

* update CHANGELOG (#63)

* Change unmanaged peers to dictionary instead of string

Based on review comment by @j8r in #63.

* README: update preshared_key example

Update wireguard_unmanaged_peers example for preshared_key.
Make it a comment to highlight it is optional and should probably be handled
like other secrets.

* Clean up jinja2 syntax

Based on review comments.

* Remove unneeded if of required public_key

The public_key is required for a wireguard peer so remove the if from
wireguard_unmanaged_peers public_key. The effect is that it is a syntax
error from Ansible rather than failing config validation when the config
has already been written and fails to load.
4 years ago
Roman Danko c1f413f966
Switched to ELRepo for Centos (#59)
* Switched to ELRepo for Centos (#50)
- added switch to differentiate setup of Centos7/8
- replaced old repository by officialy recomended
- added step to remove old dkms wireguard package
- switched to install KMOD wireguard package

* Updated CHANGELOG after switching to ELRepo for Centos

* Update CHANGELOG.md

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Updted CHANGELOG: added notice about old wireguard Centos repository removal

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
4 years ago
Robert Wimmer d5b81cb75e
update CHANGELOG (#57)
Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Robert Wimmer 359d601008
update CHANGELOG for version 6.3.0 (#56)
Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Robert Wimmer 9f76b8baf5
Support Ubuntu 20.04 (#52)
* update Ansible Galaxy meta info (added Ubunut Focal Fossa / Debian Buster)

* update CHANGELOG (Ubuntu 20.04 support)

* move OS package installation to OS specific subtasks

* update README

* update CHANGELOG

Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Robert Wimmer 97f566ad85
cleanup (#51)
* update CHANGELOG

* fix typo

* update CHANGELOG

Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Ties de Kock 13621d4d68
Use wireguard from buster-backports on debian if needed (#49)
* Changes wireguard apt repo to buster-backports

* Add repo only on buster or earlier

* No apt pin needed, backports has lower priority than main distribution

* Update CHANGELOG.md

Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Clarify effects of updating on system state

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
5 years ago
Robert Wimmer 9be9694553
update README (version 6.0.3) (#47)
Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Robert Wimmer 43ad9a1cfe
add changes for version 6.0.2 (#44)
Co-authored-by: githubixx <home@tauceti.net>
5 years ago
Robert Wimmer 3322faf576
Shell best practice (#40)
* add shell options to syncconf handler to fail fast in case of error

* update CHANGELOG
5 years ago
Robert Wimmer 8e7ed9e702
Use "wg syncconf" if available (#38)
* use wg syncconf if available

* use boolean as variable type for wg_syncconf

* update CHANGELOG

* update README
5 years ago
Robert Wimmer f97210d2ad
Update readme (#37)
* update README/CHANGELOG

* update CHANGELOG
5 years ago
Ties de Kock 7826119ea7 Add basic fedora support (#32)
* Add basic fedora support

* Add Fedora to metadata, update Changelog
5 years ago
githubixx e59c8bd027 update CHANGELOG 5 years ago
githubixx d281a98d5b update CHANGELOG 5 years ago
fbourqui a357e5fab1 Merge stateless idea with no local storage of public and private keys, support multiple interface per hosts using several groups (#29)
* merge stateless with no storage of local priv key

* Delete locally stored private key

* add reload module on update config file

* privatekey template is not used anymore

* remove all local keys priv and public

* use ansible_play_hosts instead of hardcoded vpn grp
should use the group in the play calling the role.
works fine when hosts bellong to several groups

* Clean tasks names

* add tag, and cleanup

* fix private key creation

* Support for mutliple wireguard vpn on same host
add inventory exemple in readme

* fix typo, add some comment on inventory

* add  wg-config tag to Check config:
allow  run  with -t - wg-config

* Update tasks/main.yml

Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* remove trailing whitespace

* Update templates/wg.conf.j2

Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Update templates/wg.conf.j2

Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* changes after githubixx code review

* readd new line to separate peers in config
5 years ago
Robert Wimmer 9a0e70ee25
remove unneeded with_inventory_hostnames loops (#27)
* remove unneeded with_inventory_hostnames loops

* update CHANGELOG
5 years ago
Robert Wimmer fa595d8f35
update CHANGELOG (#21) 5 years ago
Alex Hanselka 21706b822a add CentOS support (#9) 6 years ago
Robert Wimmer 663dfcb2f2
update CHANGELOG for version 3.1.0 (#11) 6 years ago
githubixx 897053ae02 fix address in README 6 years ago
Robert Wimmer 8cacff8776
update README / CHANGELOG / Ansible meta (#7) 6 years ago
githubixx 2ef8f8cae4 update CHANGELOG / version 2.0.1 6 years ago
githubixx a1794a99f6 update README 6 years ago