michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: lots of changes

Browse Source
This commit is contained in:
Michael Schiemer
2025-05-24 07:09:22 +02:00
parent 77ee769d5e
commit 899227b0a4
178 changed files with 5145 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
ansible/roles/wireguard/tasks/generate_client_single.yml Normal file
View File

@@ -0,0 +1,60 @@
- name: Key-Verzeichnis für Client anlegen
file:
path: "{{ role_path }}/client-keys/{{ client.name }}"
state: directory
mode: "0700"
become: true
- name: Existenz des privaten Schlüssels prüfen
stat:
path: "{{ role_path }}/client-keys/{{ client.name }}/private.key"
register: client_private_key_stat
- name: Privaten Schlüssel generieren (nur falls nicht vorhanden)
command: wg genkey
register: genpriv
args:
chdir: "{{ role_path }}/client-keys/{{ client.name }}"
when: not client_private_key_stat.stat.exists
- name: Privaten Schlüssel speichern (nur falls nicht vorhanden)
copy:
content: "{{ genpriv.stdout }}"
dest: "{{ role_path }}/client-keys/{{ client.name }}/private.key"
mode: "0600"
when: not client_private_key_stat.stat.exists
- name: Public Key aus privaten Schlüssel generieren (bei Neuerstellung)
command: wg pubkey
args:
stdin: "{{ genpriv.stdout }}"
chdir: "{{ role_path }}/client-keys/{{ client.name }}"
register: genpub
when: not client_private_key_stat.stat.exists
- name: Bestehenden privaten Schlüssel laden (falls vorhanden)
slurp:
src: "{{ role_path }}/client-keys/{{ client.name }}/private.key"
register: loaded_private
when: client_private_key_stat.stat.exists
- name: Public Key aus gespeichertem Private Key erzeugen (falls vorhanden)
command: wg pubkey
args:
stdin: "{{ loaded_private.content | b64decode }}"
chdir: "{{ role_path }}/client-keys/{{ client.name }}"
register: genpub_existing
when: client_private_key_stat.stat.exists
- name: Public Key für Client in Datei schreiben
copy:
content: >
{{ (genpub.stdout if not client_private_key_stat.stat.exists else genpub_existing.stdout) }}
dest: "{{ role_path }}/client-keys/{{ client.name }}/public.key"
mode: "0644"
- name: Variablen für Client setzen (private/public key, Adresse)
set_fact:
"wg_{{ client.name }}_private_key": "{{ (genpriv.stdout if not client_private_key_stat.stat.exists else loaded_private.content | b64decode) }}"
"wg_{{ client.name }}_public_key": "{{ (genpub.stdout if not client_private_key_stat.stat.exists else genpub_existing.stdout) }}"
"wg_{{ client.name }}_address": "{{ client.address }}"