You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
60 lines
2.0 KiB
YAML
60 lines
2.0 KiB
YAML
---
|
|
# Copyright (C) 2018-2020 Robert Wimmer
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
#######################################
|
|
# General settings
|
|
#######################################
|
|
|
|
# Directory to store WireGuard configuration on the remote hosts
|
|
wireguard_remote_directory: "{{ '/etc/wireguard' if not ansible_os_family == 'Darwin' else '/opt/local/etc/wireguard' }}"
|
|
|
|
# The default port WireGuard will listen if not specified otherwise.
|
|
wireguard_port: "51820"
|
|
|
|
# The default interface name that WireGuard should use if not specified otherwise.
|
|
wireguard_interface: "wg0"
|
|
|
|
# The default owner of the wg.conf file
|
|
wireguard_conf_owner: root
|
|
|
|
# The default group of the wg.conf file
|
|
wireguard_conf_group: "{{ 'root' if not ansible_os_family == 'Darwin' else 'wheel' }}"
|
|
|
|
# The default mode of the wg.conf file
|
|
wireguard_conf_mode: 0600
|
|
|
|
# The default state of the wireguard service
|
|
wireguard_service_enabled: "yes"
|
|
wireguard_service_state: "started"
|
|
|
|
#######################################
|
|
# Settings only relevant for Ubuntu
|
|
#######################################
|
|
|
|
# Set to "false" if package cache should not be updated
|
|
wireguard_ubuntu_update_cache: "true"
|
|
|
|
# Set package cache valid time
|
|
wireguard_ubuntu_cache_valid_time: "3600"
|
|
|
|
#######################################
|
|
# Settings only relevant for CentOS 7
|
|
#######################################
|
|
|
|
# Set wireguard_centos7_installation_method to "kernel-plus"
|
|
# to use the kernel-plus kernel, which includes a built-in,
|
|
# signed WireGuard module.
|
|
# UTILIZING KERNEL-PLUS WILL PERFORM A SYSTEM REBOOT DURING SETUP!!
|
|
#
|
|
# The default of "standard" will use the standard kernel and
|
|
# the ELRepo module for WireGuard.
|
|
wireguard_centos7_installation_method: "standard"
|
|
|
|
# The default seconds to wait for machine to reboot and respond
|
|
wireguard_centos7_kernel_plus_reboot_timeout: "600"
|
|
|
|
# This is sensitive: encrypt it with a tool like Ansible Vault.
|
|
# If not set, a new one is generated on a blank configuration.
|
|
# wireguard_private_key:
|