Wireguard

Description

This role manages Wireguard on the host. It installs the necessary Wireguard packages, configures sysctl settings for IPv4/IPv6 forwarding, and deploys the Wireguard configuration file to enable the VPN service using wg-quick.

Overview

Optimized for both Arch Linux and Ubuntu/Debian, this role performs the following tasks:

Installs Wireguard tools using the appropriate package manager.
Copies a sysctl configuration file to enable IP forwarding and proper IPv6 settings.
Deploys a host-specific Wireguard configuration file to /etc/wireguard/wg0.cymais.conf.
Uses systemd handlers to restart the Wireguard service and reload sysctl settings.

Purpose

The primary purpose of this role is to set up and manage a Wireguard VPN configuration on the host. By automating package installation and configuration file deployment, it ensures that the VPN service is enabled with optimal network settings for secure connectivity.

Features

Multi-Platform Support: Installs Wireguard tools using pacman on Arch Linux and apt on Ubuntu/Debian.
Sysctl Configuration: Deploys a sysctl configuration file to manage IPv4/IPv6 forwarding and related network parameters.
Wireguard Configuration: Copies a host-specific Wireguard configuration file to /etc/wireguard/wg0.cymais.conf.
Service Management: Provides handlers to restart the Wireguard service and reload sysctl settings.

Administration

For detailed client setup instructions, please see the Administration file.