Added reverse proxy configs for mii

Signed-off-by: TuDatTr <tuan-dat.tran@tudattr.dev>
2023-04-14 14:01:17 +02:00
parent 7cd43fb8a8
commit 6c0ea656eb
19 changed files with 234 additions and 108 deletions
--- a/roles/wireguard/tasks/config.yml
+++ b/roles/wireguard/tasks/config.yml
@@ -0,0 +1,16 @@
+---
+- name: Copy "{{ wg_config }}"
+  template:
+    src: "{{ wg_config }}"
+    dest: "{{ wg_remote_config }}"
+    owner: "root"
+    group: "root"
+    mode: "0600"
+  become: true
+
+- name: Start wireguard
+  service:
+    name: "{{ wg_service }}"
+    state: started
+    enabled: yes
+  become: true
--- a/roles/wireguard/tasks/install.yml
+++ b/roles/wireguard/tasks/install.yml
@@ -0,0 +1,20 @@
+---
+- name: Update and upgrade packages
+  apt:
+    update_cache: true
+    upgrade: true
+    autoremove: true
+  become: true
+
+- name: Install WireGuard dependencies
+  apt:
+    name: "{{ wg_deps }}"
+    state: present
+  become: true
+
+- name: Create resolveconf symlink Debian bug #939904
+  file:
+    src: /usr/bin/resolvectl
+    dest: /usr/local/bin/resolvconf
+    state: link
+  become: true
--- a/roles/wireguard/tasks/main.yml
+++ b/roles/wireguard/tasks/main.yml
@@ -0,0 +1,2 @@
+- include_tasks: install.yml
+- include_tasks: config.yml
--- a/roles/wireguard/templates/wg0.conf
+++ b/roles/wireguard/templates/wg0.conf
@@ -0,0 +1,9 @@
+[Interface]
+PrivateKey = {{ vault_wg_pk }}
+Address = {{ wg_ip }}
+DNS = {{ wg_dns }}
+
+[Peer]
+PublicKey = {{ wg_pubkey }}
+Endpoint = {{ wg_endpoint }}
+AllowedIPs = {{ wg_allowed_ips }}