94 lines
2.0 KiB
YAML
94 lines
2.0 KiB
YAML
- name: Update apt cache
|
|
apt:
|
|
update_cache: true
|
|
|
|
- name: Install WireGuard and required packages
|
|
apt:
|
|
name:
|
|
- wireguard
|
|
- wireguard-tools
|
|
- resolvconf
|
|
state: present
|
|
|
|
- name: Ensure WireGuard module is loaded
|
|
modprobe:
|
|
name: wireguard
|
|
state: present
|
|
|
|
- name: Enable IP forwarding
|
|
sysctl:
|
|
name: net.ipv4.ip_forward
|
|
value: '1'
|
|
state: present
|
|
|
|
- name: Ensure wireguard config directory exists
|
|
file:
|
|
path: "{{ wireguard_easy_config_dir }}"
|
|
state: directory
|
|
mode: '0755'
|
|
become: true
|
|
|
|
- name: Ensure WireGuard configuration file exists (optional)
|
|
file:
|
|
path: "{{ wireguard_easy_data_dir }}/wg0.conf"
|
|
state: touch
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
|
|
- name: Ensure nginx data directory exists
|
|
file:
|
|
path: "{{ nginx_proxy_manager_data_path }}"
|
|
state: directory
|
|
mode: '0755'
|
|
become: true
|
|
|
|
- name: Copy Nginx configuration files
|
|
copy:
|
|
src: nginx/data
|
|
dest: "{{ nginx_proxy_manager_data_path }}"
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
|
|
- name: Ensure Let's Encrypt directory exists
|
|
file:
|
|
path: "{{ nginx_proxy_manager_letsencrypt_path }}"
|
|
state: directory
|
|
mode: '0755'
|
|
become: true
|
|
|
|
- name: Copy Let's Encrypt files
|
|
copy:
|
|
src: nginx/letsencrypt
|
|
dest: "{{ nginx_proxy_manager_letsencrypt_path }}"
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
notify: Restart Nginx
|
|
|
|
- name: Generate Docker Compose file for Wireguard and Nginx
|
|
template:
|
|
src: docker-compose.j2
|
|
dest: /opt/network/docker-compose.yml
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
become: true
|
|
|
|
- name: Deploy Containers
|
|
ansible.builtin.shell:
|
|
cmd: podman-compose -f /opt/network/podman-compose.yml up -d
|
|
chdir: /opt/network
|
|
become: true
|
|
|
|
- name: Ensure Nginx container is running
|
|
ansible.builtin.shell:
|
|
cmd: "podman ps -a --filter name={{ nginx_proxy_manager_container_name }} --format '{{.Status}}'"
|
|
register: nginx_container_status
|
|
changed_when: false
|
|
|
|
- name: Display Nginx container status
|
|
debug:
|
|
var: nginx_container_status.stdout
|