ansible-role-wireguard-vyatta
A simple role to install Wireguard DEB package on Vyatta based routers and to configure peers
Currently only supports EdgeOS
To do both do installation and configuration, the playbook must be defined with two entries:
- First is to install the executable using regular SSH (
wireguard_install
) - Second is to configure Vyatta using networking module (
wireguard_configure
)
Requirements
Vyatta based units (Vyatta, EdgeOS, VyOS)
Role Variables
wireguard_url
(default: https://api.github.com/repos/WireGuard/wireguard-vyatta-ubnt/releases
)
wireguard_release
(default: 1.0.20210424-1
)
wireguard_config_dir
(default: /config/wireguard
)
wireguard_wg_interfaces
(default: []
)
Dependencies
requirements.yaml:
collections:
- community.network
Install using:
ansible-galaxy collection install -r requirements.yaml
Example Playbook
Playbook to run against EdgeOS routers.
---
- name: EdgeOS wireguard install
hosts: routers
gather_facts: false
vars:
wireguard_install: true
wireguard_configure: false
roles:
- ansible-role-wireguard-vyatta
- name: EdgeOS wireguard configure
hosts: routers
gather_facts: false
connection: network_cli
vars:
ansible_network_os: edgeos
wireguard_install: false
wireguard_configure: "server" # change to "client" for client
wireguard_wg_interfaces:
- interface: wg0
description: "VPN Clients"
address: 192.168.58.1/24
# privkey: <private key> assign private key with a variable instead of a file for client
port: 51820 # client doesn't use port
peer:
- id: "AAAAAAAAAABBBBBBBBBBCCCCCCCCCCCCDDDDDDDDDDD="
description: "peer 1"
allowed_ips: 192.168.53.101/32
# endpoint: <IP of server>:<port> # client needs an endpoint as well
roles:
- ansible-role-wireguard-vyatta
License
Apache 2.0
Author Information
Author: Richard Holmboe [email protected]
Website: https://dynamist.se/en/