46 lines
1.8 KiB
YAML
46 lines
1.8 KiB
YAML
---
|
|
- hosts: net
|
|
vars:
|
|
file:
|
|
- { path: '/etc/wireguard', owner: 'root', group: 'root', mode: '600', state: directory }
|
|
apt:
|
|
packages:
|
|
- { package: "wireguard-tools", state: present }
|
|
- { package: "wireguard", state: present }
|
|
systemd:
|
|
services:
|
|
- { name: "wg-quick@wg0", enabled: true, action: restarted }
|
|
firewall:
|
|
- { port: "{{ wireguard.port }}", ipv: "v4", proto: "udp" }
|
|
- { port: "{{ wireguard.port }}", ipv: "v6", proto: "udp" }
|
|
wireguard:
|
|
interface: 'wg0'
|
|
port: 51820
|
|
net:
|
|
v4:
|
|
addr: "172.22.12"
|
|
range:
|
|
serv: 24
|
|
clnt: 32
|
|
v6:
|
|
addr: "fd86:ea04:1115:"
|
|
range:
|
|
serv: 120
|
|
clnt: 128
|
|
peers:
|
|
- { bit: 2, pubkey: "Xb+ASR5NdnIB+dXWEA4H0V3d0LC0KocKeFeQDyqDqjk=" }
|
|
- { bit: 3, pubkey: "kz9vLMnPtfka11n1EJpzHb4966ieJSo4BU1P2joHLXo=" }
|
|
- { bit: 10, pubkey: "wpjMlhrcv173ER7rZ0KrmaqahcqZA/fm3ovpaGlRIRo=" }
|
|
- { bit: 12, pubkey: "2FRcncz/oSmqFQLrHqICi4fEkgxrCeS9P8TTv5gcfCw=" }
|
|
- { bit: 14, pubkey: "XYUXzDDXzo1uDadvJ8YW5X/ISCZSyu10d35i7mb0pAY=" }
|
|
vault:
|
|
roles:
|
|
- "wireguard"
|
|
roles:
|
|
- vault
|
|
- file
|
|
- apt
|
|
- wireguard
|
|
- systemd
|
|
- firewall
|