mirror of
https://github.com/pikami/mail-server.git
synced 2025-01-07 09:27:20 +00:00
37 lines
994 B
YAML
37 lines
994 B
YAML
|
- name: VPN Setup
|
||
|
hosts:
|
||
|
- mx1
|
||
|
- mx2
|
||
|
remote_user: root
|
||
|
vars_files:
|
||
|
- vars.yml
|
||
|
tasks:
|
||
|
- name: Install wireguard
|
||
|
community.general.openbsd_pkg:
|
||
|
name:
|
||
|
- wireguard-tools
|
||
|
state: present
|
||
|
|
||
|
- name: Ensures /etc/wireguard dir exists
|
||
|
file:
|
||
|
path: "/etc/wireguard"
|
||
|
state: directory
|
||
|
|
||
|
- name: Create wireguard config
|
||
|
template:
|
||
|
src: "templates/wireguard.conf.j2"
|
||
|
dest: "/etc/wireguard/{{ lookup('vars', inventory_hostname + '_wg').interface }}.conf"
|
||
|
owner: root
|
||
|
group: wheel
|
||
|
mode: "0600"
|
||
|
|
||
|
- name: Create wireguard interface
|
||
|
template:
|
||
|
src: "templates/wireguard.if.j2"
|
||
|
dest: "/etc/hostname.{{ lookup('vars', inventory_hostname + '_wg').interface }}"
|
||
|
register: iface_config
|
||
|
|
||
|
- name: Apply network configuration if changed
|
||
|
shell: sh /etc/netstart {{ lookup('vars', inventory_hostname + '_wg').interface }}
|
||
|
when: iface_config.changed
|