Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/tazeg/ansible-wireguard

Create a VPN server with WireGuard
https://github.com/tazeg/ansible-wireguard

ansible ansible-playbook wireguard

Last synced: about 9 hours ago
JSON representation

Create a VPN server with WireGuard

Host: GitHub
URL: https://github.com/tazeg/ansible-wireguard
Owner: Tazeg
Created: 2020-04-07T21:23:09.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2021-02-28T09:16:17.000Z (over 3 years ago)
Last Synced: 2024-05-02T04:14:14.925Z (7 months ago)
Topics: ansible, ansible-playbook, wireguard
Homepage:
Size: 6.84 KB
Stars: 6
Watchers: 3
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml

Awesome Lists containing this project

README

        # Ansible WireGuard

This creates a VPN server on Ubuntu 18.04 with WireGuard.

Script is based on [Getting Started with WireGuard](https://miguelmota.com/blog/getting-started-with-wireguard/).

## Requirement

On your client computer :

- Install [WireGuard](https://www.wireguard.com/install/)

- Generate you client private and public keys :

  ```bash

  umask 077

  wg genkey | tee privatekey | wg pubkey > publickey

  ```

- Install [Ansible](https://www.ansible.com/)

- As root :

  ```bash

  ip link add dev wg0 type wireguard

  ip address add dev wg0 192.168.2.1/24

  ```

## Usage

The following script does the job to make for example a VPS as a VPN server. Your WireGuard client public key will be asked.

```bash

git clone https://github.com/Tazeg/ansible-wireguard.git

cd ansible-wireguard

ansible-playbook -i , playbooks/wireguard_server.yml -e "ansible_port=2222" -e "ansible_user=root"

```

- ``: replace with your Ubuntu server public IP

- `-e "ansible_port=2222"`: optional, if you are not using ssh on port 22

- `-e "ansible_user=root"`: ssh connexion as root

After running the ansible script, create the file `/etc/wireguard/wg0.conf` on your client computer and replace `` :

```ini

# local device

[Interface]

Address = 10.0.0.2/32

PrivateKey = 

DNS = 1.1.1.1

# server

[Peer]

PublicKey = 

Endpoint = :51820

AllowedIPs = 0.0.0.0/0

PersistentKeepalive = 25

```

Then run on your computer :

```bash

curl https://ipinfo.io/ip # your computer public IP

sudo wg-quick up wg0

curl https://ipinfo.io/ip # you now have the public IP of the server

```

To stop connexion :

```bash

sudo wg-quick down wg0

```