35 lines
849 B
YAML
35 lines
849 B
YAML
---
|
|
# WireGuard Configuration Tasks
|
|
|
|
- name: Configure WireGuard server
|
|
ansible.builtin.template:
|
|
src: wg0.conf.j2
|
|
dest: "{{ wg_config_dir }}/{{ wg_interface }}.conf"
|
|
owner: root
|
|
group: root
|
|
mode: '0600'
|
|
notify: restart wireguard
|
|
|
|
- name: Enable IP forwarding (if not already enabled by sysctl)
|
|
ansible.posix.sysctl:
|
|
name: net.ipv4.ip_forward
|
|
value: '1'
|
|
state: present
|
|
sysctl_set: yes
|
|
reload: yes
|
|
|
|
- name: Enable WireGuard service
|
|
ansible.builtin.systemd:
|
|
name: "wg-quick@{{ wg_interface }}"
|
|
enabled: yes
|
|
state: started
|
|
|
|
- name: Get WireGuard service status
|
|
ansible.builtin.systemd:
|
|
name: "wg-quick@{{ wg_interface }}"
|
|
register: wg_service_status
|
|
|
|
- name: Display WireGuard status
|
|
ansible.builtin.debug:
|
|
msg: "WireGuard service is {{ wg_service_status.status.ActiveState }}"
|