From b9f788336dab058acb8b61505ff73366809d2a21 Mon Sep 17 00:00:00 2001 From: Jesper Hess Nielsen Date: Thu, 23 Apr 2020 22:23:19 +0200 Subject: [PATCH] Add initial wireguard stuff --- host_vars/frb1.cph.dk.routers.v6.hessnet.dk.yml | 11 +++++++++++ host_vars/vul1.ams.nl.routers.v6.hessnet.dk.yml | 11 +++++++++++ roles/wireguard-tools/tasks/main.yml | 2 -- roles/wireguard/tasks/main.yml | 3 +++ roles/wireguard/tasks/wireguard-keys.yml | 11 +++++++++++ .../tasks/wireguard-tools.yml | 0 6 files changed, 36 insertions(+), 2 deletions(-) delete mode 100644 roles/wireguard-tools/tasks/main.yml create mode 100644 roles/wireguard/tasks/main.yml create mode 100644 roles/wireguard/tasks/wireguard-keys.yml rename roles/{wireguard-tools => wireguard}/tasks/wireguard-tools.yml (100%) diff --git a/host_vars/frb1.cph.dk.routers.v6.hessnet.dk.yml b/host_vars/frb1.cph.dk.routers.v6.hessnet.dk.yml index 053e198..81e3e2a 100644 --- a/host_vars/frb1.cph.dk.routers.v6.hessnet.dk.yml +++ b/host_vars/frb1.cph.dk.routers.v6.hessnet.dk.yml @@ -24,3 +24,14 @@ bgp_peers: announce_from_here: true configure_static_multihop_routes: false + +wireguard: + privatekey: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 31653838616232323365396538363930313866363939303532313737613937643361666666363232 + 3737313837336666353366386135623030383534303931620a393434396465383461303231323563 + 35613861663837373866313832656334323230316133663935346161386435663762306335306365 + 3662346136653766620a316535336632363937656639643361666465623033396136363738356538 + 36306139376436666165393831363435626633313935333838613938616631666531343964666464 + 3833643632343962666464383336626234646362336531366331 + publickey: IBJriIpmeq+hqVCBYPn7PxDXhH/ymxpG+6BOYedfZXY= diff --git a/host_vars/vul1.ams.nl.routers.v6.hessnet.dk.yml b/host_vars/vul1.ams.nl.routers.v6.hessnet.dk.yml index eef2ccf..1c5f755 100644 --- a/host_vars/vul1.ams.nl.routers.v6.hessnet.dk.yml +++ b/host_vars/vul1.ams.nl.routers.v6.hessnet.dk.yml @@ -38,3 +38,14 @@ bgp_peers: announce_from_here: false configure_static_multihop_routes: true + +wireguard: + privatekey: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 32303861303330616663386339623539386564353337336432663838666665346539383562386435 + 3562643536356366633635326462633664376434666466390a363566666633666232353630346533 + 32653839353030306565326162316132313838653362353566313133376465373239353238383763 + 3666623233313737340a656538353865323666343532353735633139396365396462646135393930 + 39383837643238653233623838323033626132646430393738376465626261343337623263653239 + 3539623564623938363064303965393465326534393536353265 + publickey: "I4IOQdIwNSi2OzQQk4yBMsprnewBMGEzjwYSw4Yy2Ug=" diff --git a/roles/wireguard-tools/tasks/main.yml b/roles/wireguard-tools/tasks/main.yml deleted file mode 100644 index ce0acc7..0000000 --- a/roles/wireguard-tools/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- include_tasks: "wireguard-tools.yml" \ No newline at end of file diff --git a/roles/wireguard/tasks/main.yml b/roles/wireguard/tasks/main.yml new file mode 100644 index 0000000..1403c11 --- /dev/null +++ b/roles/wireguard/tasks/main.yml @@ -0,0 +1,3 @@ +--- +- include_tasks: "wireguard-tools.yml" +- include_tasks: "wireguard-keys.yml" \ No newline at end of file diff --git a/roles/wireguard/tasks/wireguard-keys.yml b/roles/wireguard/tasks/wireguard-keys.yml new file mode 100644 index 0000000..d7f1022 --- /dev/null +++ b/roles/wireguard/tasks/wireguard-keys.yml @@ -0,0 +1,11 @@ +--- +- name: "Copy wireguard public key" + copy: + content: "{{ wireguard.publickey }}" + dest: "/etc/wireguard/pub.key" + +- name: "Copy wireguard private key" + copy: + content: "{{ wireguard.privatekey }}" + dest: "/etc/wireguard/priv.key" + mode: "0600" diff --git a/roles/wireguard-tools/tasks/wireguard-tools.yml b/roles/wireguard/tasks/wireguard-tools.yml similarity index 100% rename from roles/wireguard-tools/tasks/wireguard-tools.yml rename to roles/wireguard/tasks/wireguard-tools.yml