initial cleanup server-manager

roles/docker-wireguard/tasks/main.yml

@@ -0,0 +1,41 @@
+---
+- name: configure {{domain}}.conf
+  template: src=roles/native-nginx-docker-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
+  notify: restart nginx
+
+- name: recieve {{domain}} certificate
+  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
+
+- sysctl:
+    name: net.ipv4.conf.all.src_valid_mark
+    value: 1
+    sysctl_set: yes
+
+- name: "setup wireguard"
+  docker_compose:
+    project_name: wireguard
+    definition:
+      application:
+        image: linuxserver/wireguard
+        restart: always
+        ports:
+          - "{{http_port}}:80"
+        cap_add:
+          - NET_ADMIN
+          - SYS_MODULE
+        environment:
+          - PUID=1000
+          - PGID=1000
+          - TZ=Europe/London
+          - SERVERURL={{domain}}
+          - SERVERPORT=51820 #optional
+          - PEERS=1 #optional
+          - PEERDNS=auto #optional
+          - INTERNAL_SUBNET=10.13.13.0 #optional
+          - ALLOWEDIPS=192.168.1.0/24,192.168.2.0/24 #optional
+        volumes:
+          - /path/to/appdata/config:/config
+          - /lib/modules:/lib/modules
+        ports:
+          - 51820:51820/udp
+        restart: unless-stopped