2022-12-22 19:18:27 +00:00
|
|
|
# vim: ft=yaml.ansible
|
2022-12-22 16:58:48 +00:00
|
|
|
---
|
|
|
|
|
- name: Create Wireguard volume directory
|
2023-03-22 18:31:21 +00:00
|
|
|
ansible.builtin.file:
|
2022-12-22 16:58:48 +00:00
|
|
|
name: "{{ services.wireguard.volume }}"
|
2023-03-27 11:26:54 +00:00
|
|
|
owner: '911'
|
2022-12-22 16:58:48 +00:00
|
|
|
mode: u=rwx,g=rx,o=rx
|
|
|
|
|
state: directory
|
|
|
|
|
|
|
|
|
|
- name: Deploy Wireguard Docker container
|
2023-03-22 18:31:21 +00:00
|
|
|
community.docker.docker_container:
|
2022-12-22 16:58:48 +00:00
|
|
|
name: wireguard
|
2023-04-19 20:58:17 +00:00
|
|
|
state: "{{ 'absent' if stop is defined and stop else 'started' }}"
|
2023-04-20 22:29:19 +00:00
|
|
|
restart: "{{ stop is undefined or not stop }}"
|
2023-01-03 21:30:22 +00:00
|
|
|
image: linuxserver/wireguard:{{ services.wireguard.version }}
|
2023-01-14 18:25:13 +00:00
|
|
|
restart_policy: always
|
2023-04-26 22:03:38 +00:00
|
|
|
default_host_ip: ''
|
2023-01-06 13:37:50 +00:00
|
|
|
networks:
|
2023-05-30 17:07:08 +00:00
|
|
|
- name: pihole_wireguard
|
2022-12-22 16:58:48 +00:00
|
|
|
env:
|
|
|
|
|
SERVERURL: "{{ services.wireguard.domain }}"
|
2022-12-28 17:24:27 +00:00
|
|
|
SERVERPORT: '51820'
|
2022-12-22 16:58:48 +00:00
|
|
|
PEERS: "{{ secrets.wireguard.peers }}"
|
2023-05-30 17:07:08 +00:00
|
|
|
PEERDNS: "{{ services.pihole.docker_ipv4 }}"
|
2022-12-22 16:58:48 +00:00
|
|
|
TZ: "{{ timezone }}"
|
|
|
|
|
volumes:
|
|
|
|
|
- "{{ services.wireguard.volume }}:/config:rw"
|
|
|
|
|
- /lib/modules:/lib/modules:rw
|
|
|
|
|
published_ports:
|
2023-01-03 21:30:22 +00:00
|
|
|
- 51820:51820/udp
|
2022-12-22 16:58:48 +00:00
|
|
|
capabilities:
|
|
|
|
|
- net_admin
|
|
|
|
|
- sys_module
|
|
|
|
|
sysctls:
|
|
|
|
|
net.ipv4.conf.all.src_valid_mark: 1
|
