Commit Graph

127 Commits (8a3fad98594be99984d464b1131911a6e1de76ab)
 

Author SHA1 Message Date
githubixx 8a3fad9859 Merge branch 'commongoodtechnology-update_cache_all' 2 years ago
githubixx 4e6c265663 update CHANGELOG 2 years ago
githubixx 65b7567414 update README and defaults/main.yml 2 years ago
githubixx e621ba4b9f molecule/kvm/prepare.yml: fix Archlinux preperation 2 years ago
githubixx 053f187100 AlmaLinux 9: update package manager cache by default 2 years ago
githubixx 4d51195462 openSUSE: update package manager cache by default 2 years ago
githubixx dabf45c78b Archlinux: update package manager cache by default 2 years ago
githubixx ada56ca65b Fedora: update package manager cache by default 2 years ago
githubixx 7fbb316965 Rocky Linux 9: update package manager cache by default 2 years ago
githubixx 9f8e446ff1 fix merge conflict in CHANGELOG 2 years ago
Robert Wimmer 0cd8d01fb3
Update CentOS7 reboot handling (#186)
* fix typos in CHANGELOG

* update CentOS7 reboot handling
2 years ago
mofelee c58f736e32
Add reboot to the standard mode (#184) 2 years ago
Sebastian Wagner 314fec5248
option wireguard_update_cache to disable refresh
previously disable the cache update was only possible on ubuntu
using the generic name wireguard_update_cache it can be enabled for all
operating systems
2 years ago
Robert Wimmer c6159d4205
update CHANGELOG (#183) 2 years ago
Mathéo Cimbaro 5205445786
Fixed Readme (#182)
Fixed dd64b7bf2a (r102734826)
2 years ago
Mathéo Cimbaro dd64b7bf2a
Allow to use multiple addresses and added IPv6 support (#174)
* Basic IPv6 support

Hosts can now have one IPv6, by specifying 'wireguard_address_v6' variable. This IP is added to peer's AllowedIPs.

Future plans :
- Support IPv6 only hosts (No 'wireguard_address')
- Allow the endpoint to be an IPv6 address

* Added 'wireguard_addresses' to use multiple IPs

Added the 'wireguard_addresses' variable to specify an array of IPv4 and IPv6. The old 'wireguard_address' variable can be deprecated even she still work to specify one IPv4.

The 'wireguard_address_v6' from last commit was deleted.

* Updating the README to use `wireguard_addresses`

* 13.0.0 changelog
2 years ago
Robert Wimmer 4631fbdc06
12.0.0 (#181)
* Fix Molecule prepare for Archlinux

* remove Debian 10 (Buster) support (readed EOL)

* remove openSUSE 15.3 support (reached EOL)

* add openSUSE 15.4 to meta/main.yml

* fix ansible-lint issue in tasks/setup-debian-raspbian-buster.yml

* remove Fedora 35 support (reached EOL)

* update CHANGELOG
2 years ago
Robert Wimmer f6a6e4680a
Support elementary OS (#171)
* add support for elementary OS

* update README

* add skip_ansible_lint for two tasks

* ignore two ansible-lint warnings for Raspbian Buster tasks

* update CHANGELOG

* update comment in defaults/main.yml and README
2 years ago
Robert Wimmer f4573c5e8f
Rocky Linux + AlmaLinux support (#168)
* add EL9 to meta/main.yml

* require Ansible >= 2.11 as Rocky Linux is only supported with this version or above

* ansible-lint: use community.general.pacman module instead of ansible.builtin.pacman for Archlinux setup

* add support for Rocky Linux 9 and AlmaLinux 9

* add openSUSE Leap 15.4 to README.md

* update CHANGELOG.md
2 years ago
Robert Wimmer 3821005839
v10.0.0 (#162)
* remove support for Fedora 35 / add support for Fedora 36

* remove Fedora 34 + add Fedora 36 to Molecule test

* fix Jinja2 spacing

* fix Jinja2 spacing

* improve the task key order to: name, when, tags, block

* handlers/main.yml: names should start with an uppercase letter

* tasks/main.yml: names should start with an uppercase letter

* add .yamllint

* add Github release action to push new release to Ansible Galaxy

* add Molecule setup for openSUSE 15.4

* molecule/kvm-single-server: add verify.yml / enable verifier

* update CHANGELOG
2 years ago
Robert Wimmer fad7b1d7b0
Support Ubuntu 22.04 (Jammy Jellyfish) (#159)
* add Ubuntu 22.04 (Jammy Jellyfish) support

* update README
3 years ago
Robert Wimmer 8d395dd014
update CHANGELOG for 9.2.0 (#157)
* update CHANGELOG

* fix typo
3 years ago
Andrew Johnson f624b439e6
fix: Do not require lsb-release on Debian (#154) 3 years ago
Robert Wimmer 4e5adac691
Change restart handling / add very basic unit test (#156)
* move register if config/private key handling out of wg subcommands block

* allow user to specify WireGuard interface restart behavior

* update README

* numeric values in meta/main.yml should be strings

* update Copyright

* fix indentation in tasks/setup-debian.yml

* update Copyright

* update Copyright

* truthy values should be lowercase

* add namespace key again to meta/main.yml

* add molecule/kvm/verify.yml with a very basic unit test
3 years ago
Stefan Haun 434fe955ca
Specify Raspbian playbook for Buster and below (#119)
* Call Raspbian role only when Release is older than 11 (Bullseye)

* Rename raspbian-role to mark that it is intended for Buster and lower

Wireguard is directly supported by Raspbian 11 (Bullseye) and higher.

* Add a note regarding the scope of the Raspbian playbook
3 years ago
Robert Wimmer 6b5fbe8b32
Updates (#150)
* update CHANGELOG

* fix typo

* fix host groups: el8-dkms -> el8dkms

* remove empty line

* update CHANGELOG
3 years ago
gitouche 59651ccb2a
Add non-standard kernel installation for RockyLinux 8 (#146)
* Add non-standard kernel installation for RockyLinux 8

* Add test VM in molecule tests for Rocky8 non-standard installation method

* Rename non-standard to dkms as an install method

* Automate installation process : kmod if possible, dkms as fallback

* BUGFIX : dmks installation needs EPEL repo for wireguard-tools

* Molecule : install ELRepo mainline kernel for rocky8 dkms installation

* Revert "Automate installation process : kmod if possible, dkms as fallback"

This reverts commit 822fbcbe5d8c484ecd984df57fd170749d6b97c1.

* Molecule : add wireguard_rockylinux8_installation_method variable to test-wg-rocky8-dkms
3 years ago
Robert Wimmer 2b3c878715
honor wireguard_save_config value (#149)
* honor wireguard_save_config value

* update CHANGELOG
3 years ago
Robert Wimmer d0df49bbfa
Add Molecule single server + two clients example (#148)
* add Molecule scenario for single server

* change verifier to Ansible
3 years ago
Chazza 6129398453
Examples should use public not private keys (#143) 3 years ago
Robert Wimmer ac98583ab5
Various updates (#142)
* move wireguard_private_key up in variable order in defaults/main.yml

* add opensuse 15.3 to Galaxy metadata

* remove trailing space

* remove blank line

* fix indentation in setup-debian.yml

* rename test-wg-opensuse-leap to test-wg-opensuse-leap-15-2 in molecule.yml

* add OpenSUSE 15.3 to Molecule test

* remove OpenSUSE Leap 15.2 support (EOL)

* remove Fedora 33 support (EOL)

* remove Fedora 33 + openSUSE Leap 15.2 variables from Molecule test

* add Fedora 35 support

* remove CentOS 8 support (EOL) - use AlmaLinux or Rocky Linux instead

* remove tasks/setup-centos-8.yml (CentOS 8 reached EOL)

* fix formatting issues and typos in README + CHANGELOG

* update CHANGELOG

* truthy value should false in tasks/setup-debian-pve-guest-variant.yml

* name task in tasks/main.yml

* name tasks in tasks/setup-debian.yml

* refactor Molecule setup

* remove Proxmox from Molecule test

* update CHANGELOG

* update CHANGELOG

* re-order IP address in Molecule test

* use different wireguard_port values for a few hosts in Molecule test for better testing
3 years ago
Anes Belfodil 840f56262d
Remove unnecessary and buggy check preventing proper port from being set in peers (#112) 3 years ago
Felix Mai c4a5677f72
General improvements (#138)
* Rearrange hooks to match lifecycle order

* Fully qualify module names

BREAKING CHANGE: To use FQCNs at least Ansible 2.9 is required [2].

From the commonly presented note in the Ansible documentation, e. g.
of Ansible's builtin debug module [1]:

  [...] we recommend you use the FQCN for easy linking to the module
  documentation and to avoid conflicting with other collections that
  may have the same module name.

[1]: https://docs.ansible.com/ansible/latest/collections/ansible/builtin/debug_module.html
[2]: https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#where-did-all-the-modules-go

* Update changelog
3 years ago
Tobias Richter 5caaea2047
PVE guest and host detection (#127)
* Distinguish between proxmox host and guest setup

* Update CHANGELOG.md
3 years ago
Robert Wimmer 5f5320010f
add Molecule test for CentOS 7 kernel-plus (#131) 3 years ago
John Potter 4626475a9c
feat: Update CentOS 7 to use signed kernel-plus module (#129)
* feat: Update CentOS 7 to use signed kernel-plus module

* Apply suggestions from code review

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Update CentOS 7 for optional signed kernel-plus module

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
3 years ago
Robert Wimmer 692cce2f55
Add Rocky Linux/AlmaLinux support + Molecule tests (#123)
* Add Rocky Linux/AlmaLinux support + Molecule tests

* update CHANGELOG
3 years ago
Robert Wimmer 527c9ae967
Debian 11 + Fedora 34 support / Fedora 32 support removed (#118)
* add Debian 11 aka Bullseye

* add Debian 11 aka Bullseye to Molecule test

* update README

* added Fedora 34 + removed Fedora 32 support from meta/main.yml

* Debian 11 do not need kernel headers anymore

* remove Fedora 32 from Molecule test / add Fedora 34 + Debian 11 to Molecule test

* add rolename/namespace + make ansible-lint happy in meta/main.yml

* make ansible-lint happy

* (Archlinux) As linux-lts is using kernel 5.10 now there is no need to install wireguard-lts tools any longer (and this package is gone anyway)

* (Debian) fix ansible-lint issues

* update CHANGELOG
3 years ago
Robert Wimmer 027eaa99f7
update README for v7.12.0 of this role (#111) 3 years ago
Jan Gaßner 871d1e4497
Fix tag "wg-install" & Add no_log (#110)
* Fixed tag "wg-install" inheritance to included tasks
Fixes #109

* Added no_log to tasks handling private keys - can be explicitly deactivated for debugging by running with verbosity 3 or higher
Fixes #81
3 years ago
Robert Wimmer 57340b6c06
Update readme chlog formatting (#108)
* handlers/main.yml: better formatting

* update README/CHANGELOG
4 years ago
tjend 2d6e36572b
Allow disabling service (#107) 4 years ago
Robert Wimmer 5178a9a097
update CHANGELOG (#100) 4 years ago
Jamison Lofthouse a41231675f
Check if wireguard_endpoint exists before checking if it is empty (#92) 4 years ago
Robert Wimmer 663d3b9a5f
Support for Proxmox (#99)
* add PVE to the recipe

* Update tasks/setup-debian-pve-variant.yml

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Update tasks/setup-debian-pve-variant.yml

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Update tasks/setup-debian-pve-variant.yml

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* Update tasks/setup-debian.yml

Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>

* On Proxmox ansible_lsb.id variable is not set

* change when condition for include task setup-debian-vanilla.yml to a list

* add Molecule test for Proxmox

* use file module to delete /var/lib/apt/lists/lock for Proxmox in Molecule test

Co-authored-by: Steve Fan <29133953+stevefan1999-personal@users.noreply.github.com>
4 years ago
Robert Wimmer 364b1fe4f0
remove Fedora 31 support / add Fedora 33 support (#94)
* added support Fedora 33 support / remove Fedora 31 support

* update playbooks example

* add credits
4 years ago
Maxim Burgerhout 0c6c1b8b80
Fix Fedora support (#93)
Fedora 32 still installs the copr repo and the dkms module. I assume
that is still necessary for Fedora 32, though I have no box to test it
with.

If the user is on Fedora 33 or higher, the default setup-fedora.yml is
used, which no longer installs the copr repo, nor the dkms module since
neither are necessary anymore.
4 years ago
leggewie bb77be4d97
Update README.md (#90)
Add a link to the Ansible Galaxy page
4 years ago
Robert Wimmer 4c21076cb2
added support for openSUSE Leap 15.2 (#89) 4 years ago
Stefan Haun 5c0014aa62
Raspberry Pi: Use Backports instead of Debian Unstable (#88)
* Use Debian backports repositories

Use Debian backports instead of unstable to get wireguard. This is a more
stable solution and has less impact on the system.

Unfortunately a reboot is still required.

* Fix boot paths

* Update Changelog, switch to 7.7.0
4 years ago