Ajout des fichiers VPN

2025-12-05 14:58:16 +00:00
parent d37227592b
commit 9e90b1b26f
2 changed files with 151 additions and 0 deletions
--- a/partie2/ansible/wg.yml
+++ b/partie2/ansible/wg.yml
@@ -0,0 +1,60 @@
+---
+- name: WireGuard pour apx31-prod et apx31-test
+  hosts:
+    - ap31-test
+    - ap31-prod
+  become: true
+
+  tasks:
+
+    - name: Installer WireGuard
+      apt:
+        name:
+          - wireguard
+          - wireguard-tools
+        state: present
+        update_cache: true
+
+    - name: Copier le script mkwgconf-p2p.sh dans /tmp
+      ansible.builtin.copy:
+        src: mkwgconf-p2p.sh
+        dest: /tmp/mkwgconf-p2p.sh
+        mode: '0755'
+
+    - name: Executer le script mkwgconf
+      ansible.builtin.shell:
+        cmd: cd /tmp && /tmp/mkwgconf-p2p.sh
+      when: inventory_hostname == "ap31-test"
+
+    - name: Recupere wg0-a.conf
+      ansible.builtin.fetch:
+        src: /tmp/wg0-a.conf
+        dest: /tmp/
+          #        mode: '0600'
+        flat: yes
+      when: inventory_hostname == "ap31-test"
+
+    - name: Recupere wg0-b.conf
+      ansible.builtin.fetch:
+        src: /tmp/wg0-b.conf
+        dest: /tmp/
+          #       mode: '0600'
+        flat: yes
+      when: inventory_hostname == "ap31-test"
+
+    - name: Renvoi wg0-a.conf
+      ansible.builtin.copy:
+        src: /tmp/wg0-a.conf
+        dest: /etc/wireguard/wg0.conf
+          #  mode: '0600'
+      when: inventory_hostname == "ap31-test"
+
+    - name: Renvoi  wg0-b.conf
+      ansible.builtin.copy:
+        src: /tmp/wg0-b.conf
+        dest: /etc/wireguard/wg0.conf
+          #mode: '0600'
+      when: inventory_hostname == "ap31-prod"
+
+
+