Wireguard

This role provides a means to configure Wireguard in the following 2 scenarios:

many to one peer
one to one peer

It is completely controlled via the Ansible inventory and it works like this:

Create a new group in your inventory:

[wireguard_vpn_net]
wg-server.example.com
wg-client.example.com

Configure each host via their host_vars (see defaults/main.yml for examples)
- If you have multiple wireguard interfaces, do note that peer relations are determined based off the name of the interface. E.g. both peers will have wg1 connected to each other.
Run Ansible

If you have non-Ansible controlled peers, you can add the [Peer] sections for these peers in /etc/wireguard/{{ interface }}.conf.d/. All files in this directory are assembled to form /etc/wireguard/{{ interface }}.conf.

NOTE: The templates for this role rely heavily on the Ansible inventory. Therefore the Ansible Controller must know all private keys (protect them using Ansible Vault!)

It will also require wireguard-tools to render the public keys.

Name		Name	Last commit message	Last commit date
Latest commit History 49 Commits
.ansible-sign		.ansible-sign
.gitea/workflows		.gitea/workflows
defaults		defaults
handlers		handlers
meta		meta
molecule/default		molecule/default
tasks		tasks
templates		templates
.gitignore		.gitignore
.pre-commit-config.yaml		.pre-commit-config.yaml
LICENSE		LICENSE
MANIFEST.in		MANIFEST.in
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Wireguard

About

Releases

Packages

Languages

License

Thulium-Drake/ansible-role-wireguard

Folders and files

Latest commit

History

Repository files navigation

Wireguard

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages