mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-03-29 04:23:34 +01:00
Wireguard
Description
This role manages Wireguard on the host. It installs the necessary Wireguard packages, configures sysctl settings for IPv4/IPv6 forwarding, and deploys the Wireguard configuration file to enable the VPN service using wg-quick.
Overview
Optimized for both Arch Linux and Ubuntu/Debian, this role performs the following tasks:
- Installs Wireguard tools using the appropriate package manager.
- Copies a sysctl configuration file to enable IP forwarding and proper IPv6 settings.
- Deploys a host-specific Wireguard configuration file to
/etc/wireguard/wg0.cymais.conf
. - Uses systemd handlers to restart the Wireguard service and reload sysctl settings.
Purpose
The primary purpose of this role is to set up and manage a Wireguard VPN configuration on the host. By automating package installation and configuration file deployment, it ensures that the VPN service is enabled with optimal network settings for secure connectivity.
Features
- Multi-Platform Support: Installs Wireguard tools using pacman on Arch Linux and apt on Ubuntu/Debian.
- Sysctl Configuration: Deploys a sysctl configuration file to manage IPv4/IPv6 forwarding and related network parameters.
- Wireguard Configuration: Copies a host-specific Wireguard configuration file to
/etc/wireguard/wg0.cymais.conf
. - Service Management: Provides handlers to restart the Wireguard service and reload sysctl settings.
Administration
For detailed client setup instructions, please see the Administration file.