--- /dev/null
+class profile::wireguard (
+) {
+ $password_seed = lookup("base_installation::puppet_pass_seed")
+
+ ensure_packages(["linux-headers"], { before => Package["wireguard-dkms"] })
+ ensure_packages(["wireguard-tools", "wireguard-dkms"])
+
+ $host = $facts["ldapvar"]["self"]
+ if has_key($host["vars"], "wireguard_ip") {
+ $ips = $host["vars"]["wireguard_ip"]
+ } else {
+ $ips = []
+ }
+
+ $private_key = generate_password(32, $password_seed, "wireguard", "curve25519", true)
+
+ file { "/etc/wireguard/network.conf":
+ ensure => "file",
+ mode => "0600",
+ content => template("profile/wireguard/network.conf.erb"),
+ require => [Package["wireguard-tools"], Package["wireguard-dkms"]],
+ }
+ ->
+ service { "wg-quick@network":
+ ensure => "running",
+ enable => true,
+ }
+
+}
projects / perso / Immae / Projets / Puppet.git / blobdiff