Commit Graph

91 Commits (692cce2f55b0a9e9dce635061345f787a5f37a02)
 

Author SHA1 Message Date
Robert Wimmer 692cce2f55
Add Rocky Linux/AlmaLinux support + Molecule tests (#123)
* Add Rocky Linux/AlmaLinux support + Molecule tests

* update CHANGELOG
3 years ago
Robert Wimmer 527c9ae967
Debian 11 + Fedora 34 support / Fedora 32 support removed (#118)
* add Debian 11 aka Bullseye

* add Debian 11 aka Bullseye to Molecule test

* update README

* added Fedora 34 + removed Fedora 32 support from meta/main.yml

* Debian 11 do not need kernel headers anymore

* remove Fedora 32 from Molecule test / add Fedora 34 + Debian 11 to Molecule test

* add rolename/namespace + make ansible-lint happy in meta/main.yml

* make ansible-lint happy

* (Archlinux) As linux-lts is using kernel 5.10 now there is no need to install wireguard-lts tools any longer (and this package is gone anyway)

* (Debian) fix ansible-lint issues

* update CHANGELOG
3 years ago
Robert Wimmer 027eaa99f7
update README for v7.12.0 of this role (#111) 4 years ago
Jan Gaßner 871d1e4497
Fix tag "wg-install" & Add no_log (#110)
* Fixed tag "wg-install" inheritance to included tasks
Fixes #109

* Added no_log to tasks handling private keys - can be explicitly deactivated for debugging by running with verbosity 3 or higher
Fixes #81
4 years ago
Robert Wimmer 57340b6c06
Update readme chlog formatting (#108)
* handlers/main.yml: better formatting

* update README/CHANGELOG
4 years ago
tjend 2d6e36572b
Allow disabling service (#107) 4 years ago
Robert Wimmer 5178a9a097
update CHANGELOG (#100) 4 years ago
Jamison Lofthouse a41231675f
Check if wireguard_endpoint exists before checking if it is empty (#92) 4 years ago
Robert Wimmer 663d3b9a5f
Support for Proxmox (#99)
* add PVE to the recipe

* Update tasks/setup-debian-pve-variant.yml

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Update tasks/setup-debian-pve-variant.yml

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Update tasks/setup-debian-pve-variant.yml

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Update tasks/setup-debian.yml

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* On Proxmox ansible_lsb.id variable is not set

* change when condition for include task setup-debian-vanilla.yml to a list

* add Molecule test for Proxmox

* use file module to delete /var/lib/apt/lists/lock for Proxmox in Molecule test

Co-authored-by: Steve Fan <29133953+stevefan1999-personal@users.noreply.github.com>
4 years ago
Robert Wimmer 364b1fe4f0
remove Fedora 31 support / add Fedora 33 support (#94)
* added support Fedora 33 support / remove Fedora 31 support

* update playbooks example

* add credits
4 years ago
Maxim Burgerhout 0c6c1b8b80
Fix Fedora support (#93)
Fedora 32 still installs the copr repo and the dkms module. I assume
that is still necessary for Fedora 32, though I have no box to test it
with.

If the user is on Fedora 33 or higher, the default setup-fedora.yml is
used, which no longer installs the copr repo, nor the dkms module since
neither are necessary anymore.
4 years ago
leggewie bb77be4d97
Update README.md (#90)
Add a link to the Ansible Galaxy page
4 years ago
Robert Wimmer 4c21076cb2
added support for openSUSE Leap 15.2 (#89) 4 years ago
Stefan Haun 5c0014aa62
Raspberry Pi: Use Backports instead of Debian Unstable (#88)
* Use Debian backports repositories

Use Debian backports instead of unstable to get wireguard. This is a more
stable solution and has less impact on the system.

Unfortunately a reboot is still required.

* Fix boot paths

* Update Changelog, switch to 7.7.0
4 years ago
Robert Wimmer 05fd811928
update Ansible Galaxy metadata (#87) 4 years ago
Julien Reichardt c0e3e13e0a
Add wireguard_private_key variable (#69)
* Fix check mode for Debian

* Add wireguard_private_key variable

* Release 7.6.0

* Fix undefined `wg_syncconf` when using tags
4 years ago
Robert Wimmer 65e94eaebb
Fix Ubuntu 18 install (#85)
* CHANGELOG formatting

* No need to use PPA for Ubuntu 18 any longer

* update CHANGELOG

* Bring back task to install support packages for Ubuntu < 19.10 just to be sure
4 years ago
Robin Schneider db8bec1b0a
REUSE Specification v3.0 and other minor stuff (#76)
* Add editor fold sections

* Remove trailing whitespace

* Make the repo compliant with REUSE Specification v3.0

Closes: #71

Email addresses have all been removed from this commit as requested by
githubixx.

* Use common namespace "wireguard" for role facts

* Fix typo

* Explicitly state that GPL-3.0-or-later applies

Closes: #72
4 years ago
githubixx c009cac619 update CHANGELOG 4 years ago
Robert Wimmer 51cbca51b5
added initial molecule infrastructure (#83)
* add .gitignore file

* add molecule
4 years ago
Ruben Di Battista 47885d8db9
Remove useless block for single task (#82) 4 years ago
Robert Wimmer 4db85a4fda
Merge pull request #77 from ypid/fix/62
Debian only: Ensure DKMS builds for the currently running kernel
4 years ago
Robin Schneider 0eac8789aa
Debian only: Ensure DKMS builds for the currently running kernel
Closes: #62
4 years ago
Robert Wimmer fbf47d2a13
Merge pull request #67 from ypid/improve
Improve coding style, spelling and Debian support
4 years ago
Robin Schneider cc0c5751b6
Add changelog entry for my first review/improvements round 4 years ago
Robin Schneider 739c9de73e
Move wireguard_ip template code to template where it belongs
Instead of redundant set_fact task.
4 years ago
Robin Schneider 3362f1c2fc
Consistent use of spaces in Jinja2 print expressions 4 years ago
Robin Schneider 132c59521a
Drop redundant use of `hostvars[inventory_hostname].` prefix
Those variables are directly in the namespace. Using the long form is
uncommon. A case could have been made if the later section of the config
(which uses `hostvars[host]`) has similar semantics but that is not the
case as those are peer sections.
4 years ago
Robin Schneider a27f805d2d
Ensure that buster-backports will be absent on Debian 11+ 4 years ago
Robin Schneider 2309abf09e
Remove forgotten gnupg pkg that is not needed anymore for Debian vanilla
It was once needed for the apt_key tasks.
4 years ago
Robin Schneider c1049ab647
Debian stretch is not currently supported by the role (anymore)
It once was supported by an "unstable" workaround which has since been
dropped in favor of Debian buster.
4 years ago
Robin Schneider 5d68b0f97f
Prefer the metapackage "wireguard" for later Debian bullseye support 4 years ago
Robin Schneider 8b1ae7d4c2
Remove obsolete .reload-module-on-update file
It does not serve any function anymore after support for module
reloading has been removed from the postinst script in 0.0.20200215-2 on
2020-02-24. A module update is properly signaled via
/run/reboot-required so that the admin can (automatically) schedule a
reboot when convenient. This will also be more in line with future Debian
releases because starting with Debian bullseye, the kernel ships the
module.
4 years ago
Robin Schneider e7588cd047
Fix ansible-lint warning [502] All tasks should be named
Just drop the redundant task
4 years ago
Robin Schneider 81c371c6a2
Solve ansible-lint [201] Trailing whitespace 4 years ago
Robin Schneider a56a4d6600
Properly solve ansible-lint 306 warning about shell task with pipe
Do not ignore such warnings! They are there for a reason!
4 years ago
Robin Schneider 713a7683ef
Move template into it’s fhs place 4 years ago
Robin Schneider 3531334281
Add ansible_managed header to templates files 4 years ago
Robin Schneider c4a21dd0ef
Use common namespace "wireguard" for role facts 4 years ago
Robin Schneider 7a1af464b1
Move condition code into Jinja instead of having two set_fact tasks 4 years ago
Robin Schneider f3c590665d
WireGuard should be written "WireGuard" 4 years ago
Robin Schneider eb6a54a0a7
Fix typos 4 years ago
Robert Wimmer 4082794706
update README/CHANGELOG (#75) 4 years ago
Ruben Di Battista 3ef759edbb
Add basic support for macOS (#61)
Add macOS details in the README

Fix Archlinux spelling

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

Remove additional linux.yml file, use conditional block instead

Add CHANGELOG entry

Bump to 7.2.0 in CHANGELOG

Invert OS check on Darwin instead of Linux
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
4 years ago
Robert Wimmer e9e95f80e0
proper formatting of WireGuard config file / add wireguard_dc variable (#74) 4 years ago
Gabriel Vîjială f35670a0e4
fix typo in syncconf handler (#73) 4 years ago
Joonas Kuorilehto ee456757ed
Add support for unmanaged WireGuard peers (#63)
* Add support for unmanaged WireGuard peers

Add variable wireguard_extra_peer_config that is raw WireGuard
configuration appended to the peers section. Value is a string
containing arbitrary wg-quick syntax.

This closes #41, and closes #45.

* update CHANGELOG (#63)

* Change unmanaged peers to dictionary instead of string

Based on review comment by @j8r in #63.

* README: update preshared_key example

Update wireguard_unmanaged_peers example for preshared_key.
Make it a comment to highlight it is optional and should probably be handled
like other secrets.

* Clean up jinja2 syntax

Based on review comments.

* Remove unneeded if of required public_key

The public_key is required for a wireguard peer so remove the if from
wireguard_unmanaged_peers public_key. The effect is that it is a syntax
error from Ansible rather than failing config validation when the config
has already been written and fails to load.
4 years ago
Joonas Kuorilehto f07cab4243
README: add syntax highlighting language (#64)
Github can render pretty syntax highlighting for YAML and ini
code snippets if it knows the language. Set the language in the
code block header.
4 years ago
Roman Danko c1f413f966
Switched to ELRepo for Centos (#59)
* Switched to ELRepo for Centos (#50)
- added switch to differentiate setup of Centos7/8
- replaced old repository by officialy recomended
- added step to remove old dkms wireguard package
- switched to install KMOD wireguard package

* Updated CHANGELOG after switching to ELRepo for Centos

* Update CHANGELOG.md

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Updted CHANGELOG: added notice about old wireguard Centos repository removal

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
4 years ago
Robert Wimmer d5b81cb75e
update CHANGELOG (#57)
Co-authored-by: githubixx <home@tauceti.net>
5 years ago