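---
# WireGuard role entry point: load OS-specific variables, run the OS-specific
# pre-installation tasks, then install the packages listed in
# `wireguard_packages`. Key generation and interface configuration are
# currently disabled (see the commented-out block below).
- name: WireGuard setup
  block:
    # Prefer a vars file for the exact major release, falling back to the
    # OS-family file when no release-specific file exists.
    - name: Include vars for {{ ansible_os_family }}
      include_vars: "{{ item }}"
      with_first_found:
        - "{{ ansible_os_family }}_{{ ansible_distribution_major_version }}.yml"
        - "{{ ansible_os_family }}.yml"

    - name: Pre-installation
      include_tasks: "install_{{ ansible_os_family }}.yml"

    - name: Install packages for WireGuard
      package:
        name: "{{ wireguard_packages }}"
        state: present
        update_cache: true

    # NOTE(review): the configuration block below is disabled. Points to
    # resolve before re-enabling it:
    #   * Private key exposure: `tee` creates /etc/wireguard/privatekey with
    #     the default umask and the mode is only tightened afterwards in
    #     `always`. Set a restrictive umask (e.g. `umask 077`) in the same
    #     shell command, or create the file with mode "0600" first.
    #   * The registered results carry the private key in stdout; add
    #     `no_log: true` to those tasks so it does not reach logs or
    #     callback output.
    #   * The interface .conf is installed with mode 0644. Presumably the
    #     template embeds wireguard_private_key (confirm against
    #     wireguard.conf.j2), in which case it should be "0600".
    #   * `set -o pipefail` needs a shell that supports it; the shell module
    #     defaults to /bin/sh, so set `executable` (e.g. /bin/bash).
    #   * `set_facts` is not a module name (the module is `set_fact`), and
    #     `skip_conf|false` is not a valid filter expression; the intent
    #     looks like `not (skip_conf | default(false))` - confirm.
    #   * `state: restarted` restarts the tunnel on every run, changed or not.
    #
    # - name: Configure wireguard
    #   block:
    #     - name: Retreive private key
    #       block:
    #         - name: Retreive private key
    #           shell: >
    #             cat /etc/wireguard/privatekey
    #           register: wireguard_private_key
    #       rescue:
    #         - name: Generate private key
    #           shell: >
    #             set -o pipefail && wg genkey | tee /etc/wireguard/privatekey
    #           register: wireguard_private_key
    #       always:
    #         - name: Fix permission on /etc/wireguard/privatekey
    #           file:
    #             path: "/etc/wireguard/privatekey"
    #             owner: root
    #             group: root
    #             mode: 0600
    #
    #     - name: Retreive public key
    #       block:
    #         - name: Retreive public key
    #           shell: >
    #             cat /etc/wireguard/publickey
    #           register: wireguard_public_key
    #       rescue:
    #         - name: Generate public key
    #           shell: >
    #             set -o pipefail && cat /etc/wireguard/privatekey | wg pubkey | tee /etc/wireguard/publickey
    #           register: wireguard_public_key
    #       always:
    #         - name: Fix permission on /etc/wireguard/publickey
    #           file:
    #             path: "/etc/wireguard/publickey"
    #             owner: root
    #             group: root
    #             mode: 0600
    #
    #     - name: Set keys pair variable
    #       set_facts:
    #         wireguard_public_key: '{{ wireguard_public_key.stdout }}'
    #         wireguard_private_key: '{{ wireguard_private_key.stdout }}'
    #
    #     - name: Install WireGuard configuration files
    #       template:
    #         src: "etc/wireguard/wireguard.conf.j2"
    #         dest: "/etc/wireguard/{{ wireguard_interface }}.conf"
    #         owner: root
    #         group: root
    #         mode: 0644
    #
    #     - name: Enable Wireguard service
    #       service:
    #         name: "wg-quick@{{ wireguard_interface }}"
    #         enabled: yes
    #         state: restarted
    #   when:
    #     - skip_conf|false
    #   tags:
    #     - wireguard-conf

  # NOTE(review): block tags are inherited by the tasks above, but on the
  # dynamic `include_tasks` they apply to the include itself, not to the tasks
  # in the included file - verify that `--tags wireguard` runs still execute
  # the pre-installation tasks.
  tags:
    - wireguard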