mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2025-01-18 08:06:16 +01:00
Code Issues
master
infrastructure/roles/wireguard/tasks/main.yml
Evangelos Foutras 6706410fcd
wireguard: use service name to open firewall port 
51820/udp -> wireguard
2022-10-16 20:52:45 +03:00

25 lines
845 B
YAML
Raw Permalink Blame History

# Used for debugging
- name: Install wireguard-tools
pacman: name=wireguard-tools state=present
- name: Install wireguard configuration
template: src={{ item.src }} dest=/etc/systemd/network/{{ item.dest }} owner=root group=systemd-network mode=0640
loop:
- {src: wg0.netdev.j2, dest: wg0.netdev}
- {src: wg0.network.j2, dest: wg0.network}
notify: Reload wireguard
- name: Create wireguard zone
ansible.posix.firewalld: zone=wireguard permanent=yes state=present
register: result
- name: Reload firewalld
service: name=firewalld state=reloaded
when: result.changed
- name: Add wg0 to the wireguard zone
ansible.posix.firewalld: zone=wireguard interface=wg0 permanent=yes immediate=yes state=enabled
- name: Open firewall holes
ansible.posix.firewalld: service=wireguard permanent=yes immediate=yes state=enabled
View Git Blame Copy Permalink