---
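# Generate a WireGuard private key on the target host when the interface
# definition does not carry one ('priv_key' absent from wireguard_p2p_interface).
# The key is written straight to disk on the host; nothing in this block reads
# it back or registers it, so it does not end up in Ansible output.
- name: autogenerate wireguard private key file
  when: "'priv_key' not in wireguard_p2p_interface"
  block:
  - name: generate private key
    shell:
      # umask 0027 makes the redirect create the file as 0640 from the start,
      # so the key is never world-readable, not even briefly.
      # The quote filter shell-escapes the whole path, so an interface name
      # containing quotes or other shell metacharacters cannot alter the command.
      cmd: "umask 0027; wg genkey > {{ ('/etc/systemd/network/' ~ wireguard_p2p_interface.name ~ '.privkey') | quote }}"
      # Skip when the file already exists: an existing key is never overwritten.
      # NOTE(review): if 'wg genkey' fails, the redirect still leaves an empty
      # file behind and this guard skips regeneration on the next run; delete
      # the file before re-running in that case.
      creates: "/etc/systemd/network/{{ wireguard_p2p_interface.name }}.privkey"

  - name: make sure systemd-networkd can read the private key file
    file:
      path: "/etc/systemd/network/{{ wireguard_p2p_interface.name }}.privkey"
      # Enforced on every run, including runs where generation was skipped:
      # root owns and may write the key, systemd-network may only read it,
      # everyone else has no access.
      owner: root
      group: systemd-network
      # Quoted so the mode is passed as the literal octal string instead of
      # depending on how the YAML loader types a bare 0640.
      mode: "0640"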

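# Render the systemd-networkd .netdev unit for the interface.
# NOTE(review): the template is not visible here; when 'priv_key' is set in
# wireguard_p2p_interface it presumably embeds the key (and possibly pre-shared
# keys) inline, which would be why this file is kept out of world-readable
# reach - confirm against systemd.netdev.j2.
- name: install wireguard interfaces (netdev)
  template:
    src: systemd.netdev.j2
    dest: "/etc/systemd/network/{{ wireguard_p2p_interface.name }}.netdev"
    # root owns the unit; systemd-network gets read-only access; no access for others.
    owner: root
    group: systemd-network
    # Quoted so the mode is passed as the literal octal string instead of
    # depending on how the YAML loader types a bare 0640.
    mode: "0640"
  notify: restart systemd-networkd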

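# Render the systemd-networkd .network unit for the interface.
- name: install wireguard interfaces (network)
  template:
    src: systemd.network.j2
    dest: "/etc/systemd/network/{{ wireguard_p2p_interface.name }}.network"
    # Set explicitly so the result does not depend on the remote umask: too
    # strict a umask would leave the file unreadable for systemd-networkd.
    # NOTE(review): assumes the rendered .network file holds no secrets (the
    # template is not visible here); if it does, use owner/group/mode as on
    # the .netdev file instead.
    mode: "0644"
  notify: restart systemd-networkd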

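# Enable systemd-networkd at boot and start it now if it is not running.
# Picking up changed unit files is left to the 'restart systemd-networkd'
# handler notified by the template tasks.
- name: make sure systemd-networkd is enabled
  systemd:
    name: systemd-networkd
    # Canonical boolean; 'yes' is only a boolean under YAML 1.1 typing rules.
    enabled: true
    state: started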