add wireguard config

2023-01-09 19:43:01 +01:00 · 2023-01-09 19:43:01 +01:00 · 51d38248db
commit 51d38248db
parent bb57006968
7 changed files with 44 additions and 1 deletions
--- a/3
+++ b/3
@ -31,4 +31,7 @@ vscodium:
 zsh:
 	ansible-playbook playbooks/zsh.yml -i inventory/hosts.yml -K

+wireguard:
+	ansible-playbook playbooks/wireguard.yml -i inventory/hosts.yml -K --ask-vault-pass
+
 .PHONY: run
--- a/README.md
+++ b/README.md
@ -17,7 +17,6 @@ My current setup is [Regolith OS](https://regolith-desktop.com/) which is basica
 - i3 app shortcuts
 - terminal font
 - default git branch master
- wireguard configuration to home
 - Configuration for desktop at uni. It should be really similar, except syncthing should have a new keypair. Also some applications are not necessary, e.g. nicotine+ and virtualbox.

 Would like Ansible Vault to check in keypair for syncthing.
--- a/playbooks/all.yml
+++ b/playbooks/all.yml
@ -6,6 +6,7 @@
    my_roles:
      - zsh
      - asdf
+      - wireguard
      - neovim
      - signal
      - virtualbox
--- a/playbooks/wireguard.yml
+++ b/playbooks/wireguard.yml
@ -0,0 +1,4 @@
+- name: Install wireguard
+  hosts: self
+  roles:
+    - wireguard
--- a/roles/wireguard/tasks/main.yml
+++ b/roles/wireguard/tasks/main.yml
@ -0,0 +1,10 @@
+- name: Install wireguard
+  become: true
+  apt:
+    name: wireguard
+    state: present
+- name: Install home.conf
+  become: true
+  template:
+    src: "{{ role_path }}/templates/home.conf.j2"
+    dest: /etc/wireguard/home.conf
--- a/roles/wireguard/templates/home.conf.j2
+++ b/roles/wireguard/templates/home.conf.j2
@ -0,0 +1,10 @@
+[Interface]
+Privatekey={{ private_key }}
+Address=192.168.40.3/24
+DNS=192.168.10.1
+
+[Peer]
+Publickey=URG3OY/ow/vY+Ou2z/9V0xHmc6kQ0SmV24F5105b5yI=
+PresharedKey={{ preshared_key }}
+Endpoint=wg.geokunis2.nl:47239
+AllowedIPs=0.0.0.0/0
--- a/roles/wireguard/vars/main.yml
+++ b/roles/wireguard/vars/main.yml
@ -0,0 +1,16 @@
+private_key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          34373762323462386235343934613038633764663961633635343439373033656662313731313736
+          6166326637393162663035653830333832633034386335630a343438613561626162393336306438
+          33633937626535356337366234306366383864346332396539376162666431343636383739353831
+          3735373033346634650a343937653565353063326335373764616262663339363764316261626438
+          34373663643165303837613132313231396266636136303333363361613733343564393531366631
+          6238343964613130623764333165333961366538333433626137
+preshared_key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          62336462356637633962336335383565666562613961653664316330373163326437623535336463
+          3861346562346639353339386135633935626361633131360a386130333266393333656130656264
+          31666631623262336261356261353932633763303235316437373139336334343764643936646632
+          3366393362376334370a333835623033343030333937636539336362653838643937616164613139
+          33343565333733643738656631346433356164386561306537626336343332613961613430633238
+          3237333865633231646162303532303461656463343137393037