Import firewall role from network repo
Move, actually.
This commit is contained in:
parent
88061d97b2
commit
754c3da31f
21 changed files with 801 additions and 1 deletions
26
roles/firewall/tasks/wireguard.yml
Normal file
26
roles/firewall/tasks/wireguard.yml
Normal file
|
|
@ -0,0 +1,26 @@
|
|||
# All firewall nodes share one external IP for wireguard connections.
|
||||
# Private key and peer configuration is the same for all nodes. Peers
|
||||
# connected to each node are installed in the routing table and
|
||||
# distributed into fabric.
|
||||
|
||||
- name: Install wireguard tools
|
||||
package:
|
||||
name: wireguard-tools
|
||||
|
||||
- name: Create wireguard directory
|
||||
file:
|
||||
path: /etc/wireguard
|
||||
state: directory
|
||||
|
||||
- name: Touch wireguard config
|
||||
file:
|
||||
path: /etc/wireguard/wg.conf
|
||||
state: touch
|
||||
access_time: preserve
|
||||
modification_time: preserve
|
||||
|
||||
- name: Add wireguard interface
|
||||
template:
|
||||
dest: /etc/network/interfaces.d/wg.intf
|
||||
src: wg.intf.j2
|
||||
notify: enable interfaces
|
||||
Loading…
Add table
Add a link
Reference in a new issue