Merge pull request '[EVO] Manager wiregard as kernel module' (#3) from debian12 into master

Reviewed-on: #3

tasks/configuration.yml

@@ -1,42 +0,0 @@
----
-# tasks file for wireguard
-
-- name: Déployer la configuration des interfaces
-  ansible.builtin.template:
-    src: wgN.j2
-    dest: /etc/wireguard/{{ interface }}.conf
-    owner: root
-    group: root
-    mode: u=rw,g=r,o=r
-  loop: "{{ wireguard_interfaces }}"
-  loop_control:
-    index_var: index
-    label: "{{ interface }}"
-  vars:
-    interface: wg{{ index }}
-  become: true
-  register: deploy
-  notify:
-    - Activer les services
-    - Redémarrer les services
-
-#- name: Activer les services
-#  ansible.builtin.systemd:
-#    state: restarted
-#    enabled: true
-#    name: wg-quick@wg{{ item }}.service
-#  become: true
-#  loop: "{{ deploy.results | selectattr('changed', 'equalto', true) | map(attribute='index') }}"
-#  loop_control:
-#    index_var: index
-#    label: wg{{ index }}
-#
-#- name: Redémarrer les services
-#  ansible.builtin.systemd:
-#    state: restarted
-#    name: wg-quick@wg{{ item }}.service
-#  become: true
-#  loop: "{{ deploy.results | selectattr('changed', 'equalto', true) | map(attribute='index') }}"
-#  loop_control:
-#    index_var: index
-#    label: wg{{ index }}

tasks/installation.yml

@@ -1,33 +0,0 @@
----
-# tasks file for wireguard
-
-- name: Installer le paquet
-  ansible.builtin.apt:
-    update_cache: true
-    name: wireguard
-  when: wireguard_module_host | length == 0
-  become: true
-  register: wireguard_install
-
-- name: Installer le module du noyau sur l'hôte
-  ansible.builtin.apt:
-    update_cache: true
-    name: wireguard-dkms
-  when: wireguard_module_host | length > 0
-  delegate_to: "{{ wireguard_module_host }}"
-  become: true
-
-- name: Installer l'outil de configuration
-  ansible.builtin.apt:
-    update_cache: true
-    name: wireguard-tools
-  when: wireguard_module_host | length > 0
-  become: true
-
-#- name: Créer le dossier contenant la configuration
-#  ansible.builtin.file:
-#    state: directory
-#    mode: u=rwx,g=,o=
-#    path: "{{ wireguard_conf_path }}"
-#  delegate_to: "{{ wireguard_server_host }}"
-#  become: true

tasks/main.yml

@@ -1,8 +1,50 @@
 ---
 # tasks file for wireguard
 
-- name: Importer les tâches d'installation
+- name: Installer le paquet
-  ansible.builtin.import_tasks: installation.yml
+  ansible.builtin.apt:
+    update_cache: true
+    name: wireguard
+  when: wireguard_module_host | length == 0
+  become: true
 
-- name: Importer les tâches de configuration
+- name: Tâches de gestion du module du noyau
-  ansible.builtin.import_tasks: configuration.yml
+  block:
+    - name: Charger le module du noyau
+      community.general.modprobe:
+        name: wireguard
+        state: present
+  rescue:
+    - name: Installer le module du noyau sur l'hôte
+      ansible.builtin.apt:
+        update_cache: true
+        name: wireguard-dkms
+  when: wireguard_module_host | length > 0
+  become: true
+  delegate_to: "{{ wireguard_module_host }}"
+
+- name: Installer l'outil de configuration
+  ansible.builtin.apt:
+    update_cache: true
+    name: wireguard-tools
+  when: wireguard_module_host | length > 0
+  become: true
+
+- name: Déployer la configuration des interfaces
+  ansible.builtin.template:
+    src: wgN.j2
+    dest: /etc/wireguard/{{ interface }}.conf
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
+  loop: "{{ wireguard_interfaces }}"
+  loop_control:
+    index_var: index
+    label: "{{ interface }}"
+  vars:
+    interface: wg{{ index }}
+  become: true
+  register: deploy
+  notify:
+    - Activer les services
+    - Redémarrer les services

templates/wgN.j2

@@ -11,7 +11,9 @@ Address = {{ item.addresses | join(', ') }}
 [Peer]
 # {{ peer.name }}
 PublicKey = {{ peer.pubkey }}
+{% if peer.endpoint is defined %}
 Endpoint = {{ peer.endpoint }}
+{% endif %}
 AllowedIPs = {{ peer.allowed_ips | join(', ') }}
 {% if peer.persistent_keepalive is defined %}
 PersistentKeepalive = {{ peer.persistent_keepalive }}