feat(wireguard_server): Add wstunnel server setup
This commit is contained in:
gemini
@@ -1,6 +1,7 @@
|
||||
---
|
||||
# handlers file for wireguard-server
|
||||
- name: wireguard-server restart
|
||||
ansible.builtin.service:
|
||||
name: wg-quick@wireguardserver
|
||||
# handlers file for wireguard_server
|
||||
- name: Restart wstunnel
|
||||
ansible.builtin.systemd:
|
||||
name: wstunnel
|
||||
state: restarted
|
||||
become: true
|
||||
|
||||
@@ -1,4 +1,7 @@
|
||||
---
|
||||
- name: WStunnel setup
|
||||
ansible.builtin.import_tasks: wstunnel.yml
|
||||
|
||||
- name: Copy config
|
||||
template:
|
||||
src: ../templates/wireguardserver.conf
|
||||
|
||||
56
roles/wireguard_server/tasks/wstunnel.yml
Normal file
56
roles/wireguard_server/tasks/wstunnel.yml
Normal file
@@ -0,0 +1,56 @@
|
||||
---
|
||||
- name: Check if wstunnel is already installed
|
||||
ansible.builtin.stat:
|
||||
path: /usr/local/bin/wstunnel
|
||||
register: wstunnel_binary
|
||||
|
||||
- name: Download and install wstunnel
|
||||
when: not wstunnel_binary.stat.exists
|
||||
block:
|
||||
- name: Download and unarchive wstunnel package
|
||||
ansible.builtin.unarchive:
|
||||
src: https://github.com/erebe/wstunnel/releases/download/v5.1/wstunnel_5.1_linux_amd64.tar.gz
|
||||
dest: /tmp
|
||||
remote_src: yes
|
||||
creates: /tmp/wstunnel
|
||||
|
||||
- name: Move wstunnel binary to /usr/local/bin
|
||||
ansible.builtin.copy:
|
||||
src: /tmp/wstunnel
|
||||
dest: /usr/local/bin/wstunnel
|
||||
mode: '0755'
|
||||
remote_src: yes
|
||||
become: true
|
||||
|
||||
- name: Clean up temporary wstunnel file
|
||||
ansible.builtin.file:
|
||||
path: /tmp/wstunnel
|
||||
state: absent
|
||||
|
||||
- name: Create wstunnel systemd service file
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/systemd/system/wstunnel.service
|
||||
content: |
|
||||
[Unit]
|
||||
Description=WSTunnel Server
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=nobody
|
||||
ExecStart=/usr/local/bin/wstunnel -s 127.0.0.1:8080 -t udp://127.0.0.1:51820
|
||||
Restart=always
|
||||
RestartSec=3
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
become: true
|
||||
notify: Restart wstunnel
|
||||
|
||||
- name: Ensure wstunnel service is started and enabled
|
||||
ansible.builtin.systemd:
|
||||
name: wstunnel
|
||||
state: started
|
||||
enabled: yes
|
||||
daemon_reload: yes
|
||||
become: true
|
||||
Reference in New Issue
Block a user