Skip to content

Latest commit

 

History

History
52 lines (39 loc) · 1.03 KB

README.md

File metadata and controls

52 lines (39 loc) · 1.03 KB
Raw

geekoops.wireguard

This is simple GeekoOps Wireguard Ansible role. It's available on Ansible Galaxy as geekoops.wireguard.

How it works

  • Every member of the network knows everyone else.
  • Only hosts from automated group are configured.

How to

Create main.yml

- name: Wireguard for automated hosts
  hosts: automated
  become: true
  roles:
  - pdostal.wireguard

Create hosts.yml

all:
  vars:
    network: vpn
    port: 51871

automated:
  hosts:
    pdostal:
      address: 172.27.172.1/24, 10.0.0.1/24
      public_key: EXAMPLEKEY123EXAMPLEKEY123=
      endpoint: 111.222.111.222:51871
      allowed_ips: 172.27.172.0/24, 10.0.0.0/24
      private_key: !vault |

manual:
  hosts:
    laptop:
      public_key: EXAMPLEKEY123EXAMPLEKEY123=
      allowed_ips: 172.27.172.2/32, 10.0.0.2/32
    phone:
      public_key: EXAMPLEKEY123EXAMPLEKEY123=
      allowed_ips: 172.27.172.3/32, 10.0.0.3/32

This is my first public role, let me know how do you like it!