innernet-playbook/roles/server/tasks/main.yml


# SPDX-FileCopyrightText: 2021 Free Software Foundation Europe <https://fsfe.org>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# Baseline packages for the server host: rsync is what the synchronize
# tasks further down rely on, the WireGuard packages are for innernet itself.
- name: Install needed packages
  tags: [update]
  apt:
    name:
      - rsync
      - wireguard
      - wireguard-tools
    state: present
# Gated by the "never" tag: this task only runs when the "update" tag is
# requested explicitly. The relative src is resolved on the controller —
# presumably relative to the playbook directory; verify for this layout.
- name: Copy package to server
  tags: [never, update]
  synchronize:
    src: 'innernet-server.deb'
    dest: '/tmp/innernet-server.deb'
# Same gating as the copy task: explicit "update" tag only. Installs the
# local .deb that was synchronised to /tmp.
- name: Install package
  tags: [never, update]
  apt:
    deb: '/tmp/innernet-server.deb'
    install_recommends: true
    update_cache: true
# The server database only exists once the network has been created; its
# presence is the idempotence marker for the "Create base network" task.
- name: Check if network is initialised
  stat:
    path: '/var/lib/innernet-server/{{ network_name }}.db'
  register: db_file
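# Initialise the network once (skipped when the database already exists).
# The command module with argv passes every variable as a single argument
# instead of re-parsing a shell line, so a quote, "$" or backtick inside a
# variable value cannot alter the command. The endpoint is built from the
# host's IPv6 default address: on an IPv4-only host that fact is undefined
# and the task fails — TODO confirm IPv6 is a hard requirement here.
- name: Create base network
  command:
    argv:
      - 'innernet-server'
      - 'new'
      - '--network-name'
      - '{{ network_name }}'
      - '--network-cidr'
      - '{{ network_cidr }}'
      - '--external-endpoint'
      - "[{{ hostvars[inventory_hostname]['ansible_default_ipv6']['address'] }}]:{{ network_listen_port }}"
      - '--listen-port'
      - '{{ network_listen_port }}'
  when: not db_file.stat.exists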
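# Add every CIDR from `cidrs` that is not already known. Arguments are
# passed via argv so that values are never interpreted by a shell.
# `existing_cidrs` is not set in this tasks file — it has to be supplied by
# vars or an earlier task; TODO confirm where it is populated.
- name: Create CIDRs
  command:
    argv:
      - 'innernet-server'
      - 'add-cidr'
      - '{{ network_name }}'
      - '--parent'
      - '{{ item.parent }}'
      - '--name'
      - '{{ item.name }}'
      - '--cidr'
      - '{{ item.cidr }}'
      - '--yes'
  loop: '{{ cidrs }}'
  when:
    - item.name not in existing_cidrs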
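# Create each new peer and write its invitation file. --save-config gets a
# relative path, so the file lands in the remote user's working directory;
# the later pull/delete tasks expect that to be /root. --invite-expires
# bounds how long an unused invitation stays valid. Arguments go through
# argv so that peer names and other values are never shell-parsed.
# `existing_peers` is not set in this tasks file — TODO confirm its source.
- name: Create peers
  command:
    argv:
      - 'innernet-server'
      - 'add-peer'
      - '{{ network_name }}'
      - '--name'
      - '{{ item.name }}'
      - '--cidr'
      - '{{ item.cidr }}'
      - '--admin'
      - '{{ item.admin }}'
      - '--save-config'
      - '{{ item.name }}.toml'
      - '--invite-expires'
      - '14d'
      - '--auto-ip'
      - '--yes'
  loop: '{{ peers }}'
  when:
    - item.name not in existing_peers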
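# Locate the invitation files written by the add-peer task. The find module
# replaces `ls | grep .toml`, whose unanchored pattern also matched any name
# merely containing "toml" and whose pipeline exit code came from grep alone
# (rc 2 on a grep error slipped past the rc == 1 check). /root is assumed to
# be the working directory the invitations were saved to, as the pull and
# delete tasks below use the same path.
- name: Check for actual peer invitation files
  find:
    paths: '/root'
    patterns: '*.toml'
  register: toml_files

- name: Custom error message
  fail:
    msg: "Could not find any new invitation files. Have you added a new peer?"
  when: toml_files.matched == 0

# Pull each new peer's invitation to the controller. The full path is
# matched exactly, so peer "bob" no longer matches "bobby.toml" as the old
# substring search did. The files end up inside the playbook tree: keep that
# directory out of version control, as an invitation is what a client uses
# to join the network.
- name: Copy invitation files of peers to controller
  synchronize:
    src: '/root/{{ item.name }}.toml'
    dest: '{{ playbook_dir }}/roles/client/files/{{ item.name }}.toml'
    mode: pull
  loop: '{{ peers }}'
  when: >-
    ('/root/' ~ item.name ~ '.toml')
    in (toml_files.files | map(attribute='path') | list)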
# Once pulled, an invitation should not linger on the server: it is what a
# client uses to join the network. Only peers created in this run are
# touched, mirroring the condition of the "Create peers" task.
- name: Make sure invitation files are absent on innernet-server
  file:
    path: '/root/{{ item.name }}.toml'
    state: absent
  when:
    - item.name not in existing_peers
  loop: '{{ peers }}'
- name: Enable innernet-server daemon
systemd:
name: "innernet-server@{{ network_name }}"
state: started