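---
# Generate a WireGuard private key on the control node for any host whose
# host_vars do not define vpn_wg0_privatekey yet.
- name: "preflight - {{item}} - generate privatekey"
  shell:
    # Run wg directly rather than through `echo $(...)`: the echo wrapper
    # always exits 0, so a failing wg (for example, not installed) would
    # register an empty key instead of failing the task.
    cmd: wg genkey
  register: wg_privatekey
  delegate_to: localhost
  # The registered stdout is the private key; keep it out of task output,
  # callback plugins and logs.
  no_log: true
  when: hostvars[item].vpn_wg0_privatekey is not defined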
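# Derive the WireGuard public key on the control node for any host whose
# host_vars do not define vpn_wg0_publickey yet.
- name: "preflight - {{item}} - generate publickey"
  shell:
    cmd: wg pubkey
    # Feed the private key on stdin rather than interpolating it into the
    # command string, so it never appears in the shell's argument list or in
    # the logged command. Fall back to an already-defined host key so this
    # task does not depend on a skipped wg_privatekey result.
    stdin: "{{ hostvars[item].vpn_wg0_privatekey | default(wg_privatekey.stdout) }}"
  register: wg_publickey
  delegate_to: localhost
  # The task arguments contain the private key; suppress them in output/logs.
  no_log: true
  when: hostvars[item].vpn_wg0_publickey is not defined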
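# Generate a WireGuard preshared key on the control node for any host whose
# host_vars do not define vpn_wg0_presharedkey yet.
- name: "preflight - {{item}} - generate presharedkey"
  shell:
    cmd: wg genpsk
  register: wg_presharedkey
  delegate_to: localhost
  # The registered stdout is a symmetric secret; keep it out of task output
  # and logs.
  no_log: true
  when: hostvars[item].vpn_wg0_presharedkey is not defined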
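# Persist the wg0 settings for this host into its host_vars file on the
# control node. Values already defined for the host are kept; missing ones
# are taken from the keys generated by the preceding tasks.
#
# NOTE(review): the private and preshared keys are written in plaintext.
# Encrypt these values (for example with ansible-vault) before the file is
# committed, and keep unencrypted copies out of version control.
# NOTE(review): this task is gated on the private key only, so a host that
# already has a private key but lacks a public or preshared key gets no block
# written. Confirm that is intended.
- name: "preflight - {{item}} - Init host_vars wireguard"
  blockinfile:
    path: "../host_vars/{{ item }}.yml"
    # The file holds key material: restrict it to the owning user.
    mode: "0600"
    block: |
      vpn_wg0_privatekey: {{ hostvars[item].vpn_wg0_privatekey | default(wg_privatekey.stdout) }}
      vpn_wg0_publickey: {{ hostvars[item].vpn_wg0_publickey | default(wg_publickey.stdout) }}
      vpn_wg0_presharedkey: {{ hostvars[item].vpn_wg0_presharedkey | default(wg_presharedkey.stdout) }}
      vpn_wg0_listenport: {{ default_vpn_wg0_listenport }}
      vpn_wg0_address: {{ vpn_wg0_network }}.{{ hostvars[item].ip_host }}{{ vpn_wg0_netmask }}
    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item }} vpn wireguard wg0"
  delegate_to: localhost
  # The rendered block (and any diff output) contains the secret keys.
  no_log: true
  when: hostvars[item].vpn_wg0_privatekey is not defined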