tchivert/ansible-role-wireguard
1
Fork 0
Code Activity
Files
main
ansible-role-wireguard/README.md
tom.chivert 7310bd9965 add PersistentKeepAlive configuration
2025-06-25 15:09:08 +02:00

898 B
Raw Permalink Blame History

Wireguard

The present role :

  • Installs wireguard and wireguard-tools
  • Configures a server
  • Adds peers to the server
  • Generates configuration for the peers

It can also be configured with forwarding rules to a local interface.

It has been tested on :

  • Debian 11
  • Debian 12

Example variables

wireguard_config: "wg0"
wireguard_listen_addr: "10.9.0.1/32"
wireguard_listen_port: "51820"
wireguard_persistent_keepalive: "25"
wireguard_private_key: "{{ wireguard_server_privkey }}"
wireguard_public_key: "{{ wireguard_server_pubkey }}"
wireguard_endpoint: "<ip>:51820"
wireguard_forwarding: "ens18"

# Generate the keys with: `wg genkey | tee /dev/tty | wg pubkey`
wireguard_users:
  - name: "tchivert"
    address: "10.9.0.2/32"
    private_key: "{{ wireguard_tchivert_privkey }}"
    public_key: "{{ wireguard_tchivert_pubkey }}"
    allowed_ips: "10.9.0.1/32, 10.0.60.0/24"
View Git Blame Copy Permalink