ansible-role-wireguard
ansible-role-wireguard copied to clipboard
githubixx
Ansible role for installing WireGuard VPN. Supports Ubuntu, Debian, Archlinx, Fedora and CentOS.
The current design is modeled around `ansible_play_hosts`: https://github.com/githubixx/ansible-role-wireguard/blob/fbf47d2a139f9f3dc07bb4f78392c2176ecb91ea/templates/etc/wireguard/wg.conf.j2#L44 This has one very strong downside which is that this role cannot run against one host because then it would remove all...
This role looks pretty sophisticated, cool! I've read through the `wg.conf.j2` and `tasks/main.yml` and noticed that there was currently no way of managing multiple wireguard interfaces per machine with a...
Inspired by [lablabs/ansible-collection-wireguard](https://github.com/lablabs/ansible-collection-wireguard/blob/d8b22b4b679561cf11881c09ebe8f55851df44ef/roles/wireguard/tasks/clients.yml?_pjax=%23js-repo-pjax-container%2C%20div%5Bitemtype%3D%22http%3A%2F%2Fschema.org%2FSoftwareSourceCode%22%5D%20main%2C%20%5Bdata-pjax-container%5D#L26) I would very welcome the ability to configure to download client configs for unmanaged peers.
Adds the `Name = ` prefix in host name comment line of wireguard config to allow this [wg-info](https://github.com/asdil12/wg-info) neat little script to display host name.
Now etc/wireguard/wg.conf.j2 template is hardcoded into the role. This PR proposes allow user change the template to implement some custom network layout. Unortunately, it is impossible in Ansible without changing...
This change extends WireGuard's reconfiguration by executing its lifecycle hooks if they're changed (see #135). WireGuard will be shutdown *before* applying those changes to a) execute the `PreDown` and `PostDown`...
Executive summary: when the DNS option is set, wg-quick does not run on Ubuntu without openresolv. Installing (and using) openresolv, messes up with the standard way resolution is handled (via...
Managing `iptables` rules is a common example for using `wg-quick`'s lifecycle hooks `PreUp`, `PostUp`, `PreDown` and `PostDown`. However, when changing those rules and deploying this role again they're not executed...
This ensures the syncconf is called at the end of the role before moving on, otherwise it's only called at the end of the play. The code would look like:...
