49 lines
1.0 KiB
YAML
49 lines
1.0 KiB
YAML
---
|
|
- name: Add Debian unstable repository
|
|
apt_repository:
|
|
repo: "deb {{ debian_mirror }} unstable main"
|
|
state: present
|
|
|
|
- name: Limit unstable packages
|
|
template:
|
|
src: apt/preferences.d/limit-unstable.j2
|
|
dest: /etc/apt/preferences.d/limit-unstable
|
|
|
|
- name: Install wireguard
|
|
apt:
|
|
update_cache: true
|
|
name:
|
|
- wireguard
|
|
- resolvconf
|
|
- linux-headers-amd64
|
|
register: apt_result
|
|
retries: 3
|
|
until: apt_result is succeeded
|
|
|
|
- name: Indicate role in motd
|
|
template:
|
|
src: update-motd.d/05-service.j2
|
|
dest: /etc/update-motd.d/05-wireguard
|
|
mode: 0755
|
|
|
|
- name: Ensure wireguard directory is present
|
|
file:
|
|
path: /etc/wireguard
|
|
mode: 0700
|
|
owner: root
|
|
group: root
|
|
|
|
- name: Deploy wireguard configuration
|
|
template:
|
|
src: wireguard/sputnik.conf.j2
|
|
dest: /etc/wireguard/sputnik.conf
|
|
mode: 0700
|
|
owner: root
|
|
group: root
|
|
|
|
- name: Enable and start wireguard service
|
|
systemd:
|
|
name: wg-quick@sputnik
|
|
state: started
|
|
enabled: true
|