pi-ansible/roles/docker/tasks/services/wireguard.yml

---
- name: Create Wireguard volume directory
  file:
    name: "{{ services.wireguard.volume }}"
    mode: u=rwx,g=rx,o=rx
    state: directory

- name: Deploy Wireguard Docker container
  docker_container:
    name: wireguard
    image: "linuxserver/wireguard:{{ services.wireguard.version }}"
    restart_policy: unless-stopped
    env:
      SERVERURL: "{{ services.wireguard.domain }}"
      SERVERPORT: "{{ services.wireguard.port }}"
      PEERS: "{{ secrets.wireguard.peers }}"
      PEERDNS: auto
      TZ: "{{ timezone }}"
    volumes:
      - "{{ services.wireguard.volume }}:/config:rw"
      - /lib/modules:/lib/modules:rw
    published_ports:
      - "{{ services.wireguard.port }}:{{ services.wireguard.port }}/udp"
    capabilities:
      - net_admin
      - sys_module
    sysctls:
      net.ipv4.conf.all.src_valid_mark: 1
Add all services 2022-12-22 16:58:48 +00:00			`---`
			`- name: Create Wireguard volume directory`
			`file:`
			`name: "{{ services.wireguard.volume }}"`
			`mode: u=rwx,g=rx,o=rx`
			`state: directory`

			`- name: Deploy Wireguard Docker container`
			`docker_container:`
			`name: wireguard`
			`image: "linuxserver/wireguard:{{ services.wireguard.version }}"`
			`restart_policy: unless-stopped`
			`env:`
			`SERVERURL: "{{ services.wireguard.domain }}"`
			`SERVERPORT: "{{ services.wireguard.port }}"`
			`PEERS: "{{ secrets.wireguard.peers }}"`
			`PEERDNS: auto`
			`TZ: "{{ timezone }}"`
			`volumes:`
			`- "{{ services.wireguard.volume }}:/config:rw"`
			`- /lib/modules:/lib/modules:rw`
			`published_ports:`
			`- "{{ services.wireguard.port }}:{{ services.wireguard.port }}/udp"`
			`capabilities:`
			`- net_admin`
			`- sys_module`
			`sysctls:`
			`net.ipv4.conf.all.src_valid_mark: 1`