ansible-role-wireguard_client/tasks/configure.yml

---
- name: Ensure keys are generated
  shell: umask 077 && wg genkey | tee /etc/wireguard/privatekey | wg pubkey > /etc/wireguard/publickey
  args:
    creates: /etc/wireguard/publickey
  notify:
    - Restart Wireguard service

- name: Register private key
  shell: cat /etc/wireguard/privatekey
  register: privatekey

- name: Ensure Wireguard client is configure
  template:
    src: templates/wireguard_client.conf
    dest: "/etc/wireguard/{{ interface_name }}.conf"
    backup: yes
  notify:
    - Restart Wireguard service

- name: Ensure UFW firewall rule exists
  ufw:
    rule: allow
    port: "{{ listenport }}"
    comment: 'Wireguard client listener'
    proto: udp

- name: Get public key
  slurp:
    src: /etc/wireguard/publickey
  register: public_key

- name: Ensure cron to ping VPN server exists
  cron:
    name: Ping VPN server
    job: ping -c 3 192.168.2.1 &> /dev/null
    hour: '1'
    user: gestor
Initial commit with previous code 2022-10-11 09:19:16 +02:00			`---`
			`- name: Ensure keys are generated`
			`shell: umask 077 && wg genkey \| tee /etc/wireguard/privatekey \| wg pubkey > /etc/wireguard/publickey`
			`args:`
			`creates: /etc/wireguard/publickey`
			`notify:`
			`- Restart Wireguard service`

			`- name: Register private key`
			`shell: cat /etc/wireguard/privatekey`
			`register: privatekey`

			`- name: Ensure Wireguard client is configure`
			`template:`
			`src: templates/wireguard_client.conf`
			`dest: "/etc/wireguard/{{ interface_name }}.conf"`
			`backup: yes`
			`notify:`
			`- Restart Wireguard service`

			`- name: Ensure UFW firewall rule exists`
			`ufw:`
			`rule: allow`
			`port: "{{ listenport }}"`
			`comment: 'Wireguard client listener'`
			`proto: udp`

			`- name: Get public key`
			`slurp:`
			`src: /etc/wireguard/publickey`
			`register: public_key`

			`- name: Ensure cron to ping VPN server exists`
			`cron:`
			`name: Ping VPN server`
			`job: ping -c 3 192.168.2.1 &> /dev/null`
			`hour: '1'`
			`user: gestor`