aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar Joe Banks <[email protected]>2024-08-30 18:54:20 +0100
committerGravatar Joe Banks <[email protected]>2024-08-30 18:54:20 +0100
commit8bed4a0bd7c74b546bb43eefd067472091551b7f (patch)
tree83d6bf2a2048701ba245e0f630267b3c6dde9d9b
parentSetup firewall rule for Rocky hosts in munin-node (diff)
Create a new firewalld zone for Wireguard interface on Rocky hosts
Diffstat
-rw-r--r--ansible/roles/wireguard/tasks/main.yml19
1 files changed, 19 insertions, 0 deletions
diff --git a/ansible/roles/wireguard/tasks/main.yml b/ansible/roles/wireguard/tasks/main.yml
index a670687..a261556 100644
--- a/ansible/roles/wireguard/tasks/main.yml
+++ b/ansible/roles/wireguard/tasks/main.yml
@@ -5,6 +5,25 @@
tags:
- role::wireguard
+- name: Create firewalld zone for Wireguard on Rocky hosts
+ ansible.posix.firewalld:
+ zone: wireguard
+ state: present
+ permanent: true
+ when: ansible_distribution == "Rocky"
+ tags:
+ - role::wireguard
+
+- name: Add wg0 interface to wireguard firewalld zone
+ ansible.posix.firewalld:
+ zone: wireguard
+ interface: wg0
+ state: enabled
+ permanent: true
+ when: ansible_distribution == "Rocky"
+ tags:
+ - role::wireguard
+
- name: Generate WireGuard private key
shell: set -o pipefail && wg genkey > /etc/wireguard/key.priv
args:
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-19 06:49:40 +0000