It does not serve any function anymore after support for module
reloading has been removed from the postinst script in 0.0.20200215-2 on
2020-02-24. A module update is properly signaled via
/run/reboot-required so that the admin can (automatically) schedule a
reboot when convenient. This will also be more in line with future Debian
releases because starting with Debian bullseye, the kernel ships the
module.
Add macOS details in the README
Fix Archlinux spelling
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
Remove additional linux.yml file, use conditional block instead
Add CHANGELOG entry
Bump to 7.2.0 in CHANGELOG
Invert OS check on Darwin instead of Linux
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Add support for unmanaged WireGuard peers
Add variable wireguard_extra_peer_config that is raw WireGuard
configuration appended to the peers section. Value is a string
containing arbitrary wg-quick syntax.
This closes#41, and closes#45.
* update CHANGELOG (#63)
* Change unmanaged peers to dictionary instead of string
Based on review comment by @j8r in #63.
* README: update preshared_key example
Update wireguard_unmanaged_peers example for preshared_key.
Make it a comment to highlight it is optional and should probably be handled
like other secrets.
* Clean up jinja2 syntax
Based on review comments.
* Remove unneeded if of required public_key
The public_key is required for a wireguard peer so remove the if from
wireguard_unmanaged_peers public_key. The effect is that it is a syntax
error from Ansible rather than failing config validation when the config
has already been written and fails to load.
* Switched to ELRepo for Centos (#50)
- added switch to differentiate setup of Centos7/8
- replaced old repository by officialy recomended
- added step to remove old dkms wireguard package
- switched to install KMOD wireguard package
* Updated CHANGELOG after switching to ELRepo for Centos
* Update CHANGELOG.md
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Updted CHANGELOG: added notice about old wireguard Centos repository removal
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* on openstack Debian images, the kernel is different, so we need to install different kernel headers, too
* fix syntax error in conditional fact
* remove debug message
Co-authored-by: Peter Pallinger <pallinger@sztaki.hu>
* Rename debian-setup role to point to vanilla Debian
* Add a specific setup role for Raspbian
This role will fail for now, Raspbian is not supported by this role as it is.
* Add a switch for Raspbian
* Add Raspbian role for installing WireGuard
* Raspbian: Handle reboot with molly-guard and older Ansible versions
Arch Linux ships a Linux kernel > 5.6 and doesn't require DKMS.
Move the package list variable to (distribution-specific) var files.
For the Arch Linux LTS kernel (5.4) a binary wireguard-lts package is
provided in [core].
* Changes wireguard apt repo to buster-backports
* Add repo only on buster or earlier
* No apt pin needed, backports has lower priority than main distribution
* Update CHANGELOG.md
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Clarify effects of updating on system state
Co-authored-by: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* merge stateless with no storage of local priv key
* Delete locally stored private key
* add reload module on update config file
* privatekey template is not used anymore
* remove all local keys priv and public
* use ansible_play_hosts instead of hardcoded vpn grp
should use the group in the play calling the role.
works fine when hosts bellong to several groups
* Clean tasks names
* add tag, and cleanup
* fix private key creation
* Support for mutliple wireguard vpn on same host
add inventory exemple in readme
* fix typo, add some comment on inventory
* add wg-config tag to Check config:
allow run with -t - wg-config
* Update tasks/main.yml
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* remove trailing whitespace
* Update templates/wg.conf.j2
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* Update templates/wg.conf.j2
Co-Authored-By: Robert Wimmer <2039811+githubixx@users.noreply.github.com>
* changes after githubixx code review
* readd new line to separate peers in config
Robin Schneider