* add EL9 to meta/main.yml
* require Ansible >= 2.11 as Rocky Linux is only supported with this version or above
* ansible-lint: use community.general.pacman module instead of ansible.builtin.pacman for Archlinux setup
* add support for Rocky Linux 9 and AlmaLinux 9
* add openSUSE Leap 15.4 to README.md
* update CHANGELOG.md
* move register if config/private key handling out of wg subcommands block
* allow user to specify WireGuard interface restart behavior
* update README
* numeric values in meta/main.yml should be strings
* update Copyright
* fix indentation in tasks/setup-debian.yml
* update Copyright
* update Copyright
* truthy values should be lowercase
* add namespace key again to meta/main.yml
* add molecule/kvm/verify.yml with a very basic unit test
* move wireguard_private_key up in variable order in defaults/main.yml
* add opensuse 15.3 to Galaxy metadata
* remove trailing space
* remove blank line
* fix indentation in setup-debian.yml
* rename test-wg-opensuse-leap to test-wg-opensuse-leap-15-2 in molecule.yml
* add OpenSUSE 15.3 to Molecule test
* remove OpenSUSE Leap 15.2 support (EOL)
* remove Fedora 33 support (EOL)
* remove Fedora 33 + openSUSE Leap 15.2 variables from Molecule test
* add Fedora 35 support
* remove CentOS 8 support (EOL) - use AlmaLinux or Rocky Linux instead
* remove tasks/setup-centos-8.yml (CentOS 8 reached EOL)
* fix formatting issues and typos in README + CHANGELOG
* update CHANGELOG
* truthy value should false in tasks/setup-debian-pve-guest-variant.yml
* name task in tasks/main.yml
* name tasks in tasks/setup-debian.yml
* refactor Molecule setup
* remove Proxmox from Molecule test
* update CHANGELOG
* update CHANGELOG
* re-order IP address in Molecule test
* use different wireguard_port values for a few hosts in Molecule test for better testing
* add Debian 11 aka Bullseye
* add Debian 11 aka Bullseye to Molecule test
* update README
* added Fedora 34 + removed Fedora 32 support from meta/main.yml
* Debian 11 do not need kernel headers anymore
* remove Fedora 32 from Molecule test / add Fedora 34 + Debian 11 to Molecule test
* add rolename/namespace + make ansible-lint happy in meta/main.yml
* make ansible-lint happy
* (Archlinux) As linux-lts is using kernel 5.10 now there is no need to install wireguard-lts tools any longer (and this package is gone anyway)
* (Debian) fix ansible-lint issues
* update CHANGELOG
* Add editor fold sections
* Remove trailing whitespace
* Make the repo compliant with REUSE Specification v3.0
Closes: #71
Email addresses have all been removed from this commit as requested by
githubixx.
* Use common namespace "wireguard" for role facts
* Fix typo
* Explicitly state that GPL-3.0-or-later applies
Closes: #72
Add macOS details in the README
Fix Archlinux spelling
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
Remove additional linux.yml file, use conditional block instead
Add CHANGELOG entry
Bump to 7.2.0 in CHANGELOG
Invert OS check on Darwin instead of Linux
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Add support for unmanaged WireGuard peers
Add variable wireguard_extra_peer_config that is raw WireGuard
configuration appended to the peers section. Value is a string
containing arbitrary wg-quick syntax.
This closes#41, and closes#45.
* update CHANGELOG (#63)
* Change unmanaged peers to dictionary instead of string
Based on review comment by @j8r in #63.
* README: update preshared_key example
Update wireguard_unmanaged_peers example for preshared_key.
Make it a comment to highlight it is optional and should probably be handled
like other secrets.
* Clean up jinja2 syntax
Based on review comments.
* Remove unneeded if of required public_key
The public_key is required for a wireguard peer so remove the if from
wireguard_unmanaged_peers public_key. The effect is that it is a syntax
error from Ansible rather than failing config validation when the config
has already been written and fails to load.
* merge stateless with no storage of local priv key
* Delete locally stored private key
* add reload module on update config file
* privatekey template is not used anymore
* remove all local keys priv and public
* use ansible_play_hosts instead of hardcoded vpn grp
should use the group in the play calling the role.
works fine when hosts bellong to several groups
* Clean tasks names
* add tag, and cleanup
* fix private key creation
* Support for mutliple wireguard vpn on same host
add inventory exemple in readme
* fix typo, add some comment on inventory
* add wg-config tag to Check config:
allow run with -t - wg-config
* Update tasks/main.yml
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* remove trailing whitespace
* Update templates/wg.conf.j2
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Update templates/wg.conf.j2
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* changes after githubixx code review
* readd new line to separate peers in config
* initial implementation - part 1
* first working version
* add handler
* separate includes for Debian based and Archlinux OS
* refactor
* update
* add meta tag
* added ArchLinux to galaxy meta info
* rename file / add more Wiregurad config options
* fix typo
* update README
* update README
* fixed typos
* update README / variable rename: wireguard_ip -> wireguard_address
Robert Wimmer