helix
/
ansible-role-wireguard
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
unmanaged-hosts
10.0.0
11.0.0
11.1.0
12.0.0
13.0.0
13.0.1
14.0.0
2.0.0
2.0.1
3.0.0
3.0.1
3.1.0
3.2.0
3.2.1
3.2.2
4.0.0
4.1.0
4.1.1
4.2.0
5.0.0
6.0.0
6.0.1
6.0.2
6.0.3
6.0.4
6.1.0
6.2.0
6.3.0
6.3.1
7.0.0
7.1.0
7.10.0
7.11.0
7.12.0
7.2.0
7.3.0
7.3.1
7.4.0
7.5.0
7.6.0
7.7.0
7.8.0
7.9.0
8.0.0
8.1.0
8.3.0
8.4.0
9.0.0
9.0.1
9.1.0
9.2.0
9.3.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7fbb316965'
${ noResults }
ansible-role-wireguard/tasks/setup-debian-raspbian-buste...

88 lines
2.8 KiB
YAML
Raw Blame History

---
# Copyright (C) 2020 Stefan Haun
# SPDX-License-Identifier: GPL-3.0-or-later
# Note: This setup is called for Raspbian 10 (Buster) and lower.
# Since Raspbian 11 (Bullseye) wireguard is supported out
# of the box.
# Any Raspbian-related changes for Bullseye and above need to
# go to a separate playbook.
- name: (Raspbian) Install GPG - required to add WireGuard key
ansible.builtin.apt:
name: gnupg
state: present
- name: (Raspbian) Add Debian repository keys
ansible.builtin.apt_key:
keyserver: "keyserver.ubuntu.com"
id: "{{ item }}"
state: present
when: ansible_lsb.id == "Raspbian"
with_items:
- "04EE7237B7D453EC"
- "648ACFD622F3D138"
- name: (Raspbian) Add Debian Buster Backports repository for WireGuard
ansible.builtin.apt_repository:
repo: "deb http://deb.debian.org/debian buster-backports main"
state: present
update_cache: "{{ wireguard_update_cache }}"
- name: (Raspbian) Install latest kernel
ansible.builtin.apt:
name:
- "raspberrypi-kernel"
state: latest # noqa package-latest
register: wireguard__register_kernel_update
- name: (Raspbian) Reboot after kernel update (Ansible >= 2.8)
ansible.builtin.reboot:
search_paths: ['/lib/molly-guard', '/usr/sbin', '/sbin']
when:
- ansible_version.full is version('2.8.0', '>=')
- wireguard__register_kernel_update is changed
- name: (Raspbian) Check if molly-guard is installed (Ansible < 2.8)
ansible.builtin.stat:
path: /lib/molly-guard/
register: wireguard__register_molly_guard
- name: (Raspbian) Reboot after kernel update (Ansible < 2.8, no molly-guard)
ansible.builtin.reboot:
when:
- ansible_version.full is version('2.8.0', '<')
- wireguard__register_kernel_update is changed
- not wireguard__register_molly_guard.stat.exists
- name: (Raspbian) Reboot after kernel update (Ansible < 2.8, with molly-guard)
ansible.builtin.command: /lib/molly-guard/shutdown -r now
async: 1
poll: 0
ignore_unreachable: true
changed_when: false
when:
- ansible_version.full is version('2.8.0', '<')
- wireguard__register_kernel_update is changed
- wireguard__register_molly_guard.stat.exists
- name: (Raspbian) Waiting for host to be available (Ansible < 2.8, with molly-guard)
ansible.builtin.wait_for_connection:
when:
- ansible_version.full is version('2.8.0', '<')
- wireguard__register_kernel_update is changed
- wireguard__register_molly_guard.stat.exists
- name: (Raspbian) Install latest kernel headers to compile Wireguard with DKMS
ansible.builtin.apt:
name:
- "raspberrypi-kernel-headers"
state: latest # noqa package-latest
- name: (Raspbian) Install WireGuard packages
ansible.builtin.apt:
name:
- "wireguard-dkms"
- "wireguard-tools"
state: present
Reference in New Issue View Git Blame Copy Permalink