From 149e630c47b4a5c548234a0d3b0f472b207ff7c1 Mon Sep 17 00:00:00 2001
From: Jarod Pauchet
Date: Thu, 14 Nov 2024 16:45:36 +0100
Subject: [PATCH 1/4] Ajout des playbooks wireguard
---
ansible/hosts | 10 +++++++
ansible/mkwgconf.sh | 50 ++++++++++++++++++++++++++++++++++
ansible/wg.yml | 65 +++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 125 insertions(+)
create mode 100644 ansible/mkwgconf.sh
create mode 100644 ansible/wg.yml
diff --git a/ansible/hosts b/ansible/hosts
index 99bae8b..fd1298f 100644
--- a/ansible/hosts
+++ b/ansible/hosts
@@ -1,2 +1,12 @@
 [pt]
 ap33-pt
+
+[wg]
+ap33-mon
+ap33-prod
+
+[wg_master]
+ap33-mon
+
+[wg_cli]
+ap33-prod
diff --git a/ansible/mkwgconf.sh b/ansible/mkwgconf.sh
new file mode 100644
index 0000000..db23337
--- /dev/null
+++ b/ansible/mkwgconf.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+set -u
+set -e
+
+AddressAwg=10.0.0.1/24 # Adresse VPN Wireguard extremite A
+EndpointA=172.16.0.122 # Adresse extremite A
+PortA=51820 # Port ecoute extremite A
+AddressBwg=10.0.0.2/24 # Adresse VPN Wireguard extremite B
+EndpointB=172.16.0.121 # Adresse extremite B
+PortB=51820 # Port ecoute extremite B
+
+umask 077 ;
+wg genkey > endpoint-a.key
+wg pubkey < endpoint-a.key > endpoint-a.pub
+
+wg genkey > endpoint-b.key
+wg pubkey < endpoint-b.key > endpoint-b.pub
+
+PKA=$(cat endpoint-a.key)
+pKA=$(cat endpoint-a.pub)
+PKB=$(cat endpoint-b.key)
+pKB=$(cat endpoint-b.pub)
+
+cat < wg0-1.conf
+# local settings for Endpoint A
+[Interface]
+PrivateKey = $PKA
+Address = $AddressAwg
+ListenPort = $PortA
+
+# remote settings for Endpoint B
+[Peer]
+PublicKey = $pKB
+Endpoint = ${EndpointB}:$PortB
+AllowedIPs = $AddressBwg
+FINI
+
+cat < wg0-2.conf
+# local settings for Endpoint B
+[Interface]
+PrivateKey = $PKB
+Address = $AddressBwg
+ListenPort = $PortB
+
+# remote settings for Endpoint A
+[Peer]
+PublicKey = $pKA
+Endpoint = ${EndpointA}:$PortA
+AllowedIPs = $AddressAwg
+FINI
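Review bot: In `ansible/mkwgconf.sh`, both peers' private keys are generated on one host and left on disk when the script ends: `endpoint-a.key`, `endpoint-b.key` and the two `wg0-*.conf` files stay in the working directory, protected only by the `umask 077` set above. Since the keys are already embedded in the generated configs, the script could end with `rm -f endpoint-a.key endpoint-b.key`. A more robust design would run `wg genkey` on each peer so that only public keys ever leave a host. Separately, `AllowedIPs = $AddressBwg` and `AllowedIPs = $AddressAwg` reuse the interface address with its /24 mask, which appears to authorise each peer for the whole 10.0.0.0/24 range rather than its own address; a dedicated `/32` value per peer would be tighter.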
diff --git a/ansible/wg.yml b/ansible/wg.yml
new file mode 100644
index 0000000..1329b2c
--- /dev/null
+++ b/ansible/wg.yml
@@ -0,0 +1,65 @@
+---
+- hosts: wg
+ become: yes
+ tasks:
+ - name: arrete unattended-upgrades
+ service:
+ name: unattended-upgrades
+ state: stopped
+
+ - name: installe Wireguard
+ apt:
+ name:
+ - wireguard
+ - wireguard-tools
+ state: present
+
+- hosts: wg_master
+ tasks:
+ - name: copie le fichier wg0-1.conf et wg0-2.conf vers les machines master et cli
+ copy:
+ src: mkwgconf.sh
+ dest: mkwgconf.sh
+
+ - name: generations fichier configuration wireguard wg0-1.conf etc
+ shell: bash mkwgconf.sh
+
+ - name: récupération du fichier wg0-1.conf vers ap33-ans
+ fetch:
+ src: wg0-1.conf
+ dest: wg0-1.conf
+ flat: yes
+
+ - name: récupération du fichier wg0-2.conf vers ap33-ans
+ fetch:
+ src: wg0-2.conf
+ dest: wg0-2.conf
+ flat: yes
+
+- hosts: wg
+ become: yes
+ tasks:
+ - name: copie fichier wg0-1 vers les clients
+ copy:
+ src: wg0-1.conf
+ dest: /etc/wireguard/wg0.conf
+ when: ansible_hostname == "ap33-mon"
+
+ - name: copie fichier wg0-2 vers les clients
+ copy:
+ src: wg0-2.conf
+ dest: /etc/wireguard/wg0.conf
+ when: ansible_hostname == "ap33-prod"
+
+- hosts: wg
+ become: yes
+ tasks:
+ - name: Activation de wireguard
+ service:
+ name: wg-quick@wg0.service
+ enabled: yes
+
+ - name: Redémarre le wireguard
+ service:
+ name: wg-quick@wg0.service
+ state: restarted
\ No newline at end of file
From ea95044a7dc2d41c70e6653895a6129b31daaa62 Mon Sep 17 00:00:00 2001
From: uap33-2025-r
Date: Thu, 14 Nov 2024 16:50:51 +0100
Subject: [PATCH 2/4] Actualiser ansible/wg.yml
---
ansible/wg.yml | 27 +--------------------------
1 file changed, 1 insertion(+), 26 deletions(-)
diff --git a/ansible/wg.yml b/ansible/wg.yml
index 4d39baa..8fb6120 100644
--- a/ansible/wg.yml
+++ b/ansible/wg.yml
@@ -1,6 +1,5 @@
 ---
 - hosts: wg
-<<<<<<< HEAD
 become: yes
 tasks:
 - name: arrete unattended-upgrades
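Review bot: In the new `ansible/wg.yml` (PATCH 1/4), the two `copy` tasks that install `/etc/wireguard/wg0.conf` set no ownership or mode, so a file holding the interface `PrivateKey` gets whatever the default umask yields, typically world-readable. The `fetch` tasks before them also leave both configs, private keys included, in the playbook directory on the controller. Adding `owner: root`, `group: root` and `mode: "0600"` to each copy, plus `no_log: true` on the fetch and copy tasks, would keep the keys out of world-readable files and task output; the fetched `wg0-*.conf` files should be deleted from the controller afterwards or excluded from version control. The first play also stops `unattended-upgrades` and nothing visible starts it again, so the hosts are left without automatic security updates after the run. Finally, `shell: bash mkwgconf.sh` has no `creates:` guard, so every run generates fresh key pairs.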
@@ -34,7 +33,7 @@ - name: récupération du fichier wg0-2.conf vers ap33-ans fetch: src: wg0-2.conf - dest: wg0-2.conf + dest: wg0-2.conf flat: yes - hosts: wg @@ -64,27 +63,3 @@ service: name: wg-quick@wg0.service state: restarted -======= - tasks: - - name: installe Wireguard - apt: - name: - - wireguard - - wireguard-tools - state: present - -- hosts: wg-master - tasks: - - name: copie le fichier wg1-a.conf et wg1-b.conf vers les machines master et cli - copy: - src: mkwgconf.sh - dest: mkwgconf.sh - flat: yes - - name: generations fichier configuration wireguard wg0-1.conf etc - shell: bash mkwgconf.sh - -- hosts: wg-cli - tasks: - - name: copie fichier - ->>>>>>> d6e080d0145615056a7a0eb3d2f9e512809eb4f5 From 77c6e532b38ad90e7091a88fc3eb11b4c96f9709 Mon Sep 17 00:00:00 2001 From: uap33-2025-r Date: Thu, 14 Nov 2024 16:51:29 +0100 Subject: [PATCH 3/4] Actualiser ansible/mkwgconf.sh --- ansible/mkwgconf.sh | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/ansible/mkwgconf.sh b/ansible/mkwgconf.sh index 39ff466..db23337 100644 --- a/ansible/mkwgconf.sh +++ b/ansible/mkwgconf.sh @@ -2,17 +2,10 @@ set -u set -e -<<<<<<< HEAD AddressAwg=10.0.0.1/24 # Adresse VPN Wireguard extremite A EndpointA=172.16.0.122 # Adresse extremite A PortA=51820 # Port ecoute extremite A AddressBwg=10.0.0.2/24 # Adresse VPN Wireguard extremite B -======= -AddressAwg=172.16.0.1/24 # Adresse VPN Wireguard extremite A -EndpointA=172.16.0.122 # Adresse extremite A -PortA=51820 # Port ecoute extremite A -AddressBwg=172.16.0.2/24 # Adresse VPN Wireguard extremite B ->>>>>>> d6e080d0145615056a7a0eb3d2f9e512809eb4f5 EndpointB=172.16.0.121 # Adresse extremite B PortB=51820 # Port ecoute extremite B @@ -28,11 +21,7 @@ pKA=$(cat endpoint-a.pub) PKB=$(cat endpoint-b.key) pKB=$(cat endpoint-b.pub) -<<<<<<< HEAD cat < wg0-1.conf -======= -cat < wg1-a.conf ->>>>>>> d6e080d0145615056a7a0eb3d2f9e512809eb4f5 # local settings for Endpoint A [Interface] PrivateKey = $PKA 
@@ -46,11 +35,7 @@ Endpoint = ${EndpointB}:$PortB AllowedIPs = $AddressBwg FINI -<<<<<<< HEAD cat < wg0-2.conf -======= -cat < wg1-b.conf ->>>>>>> d6e080d0145615056a7a0eb3d2f9e512809eb4f5 # local settings for Endpoint B [Interface] PrivateKey = $PKB From d29ce732af0fce68c555df54563113473c3a0c5b Mon Sep 17 00:00:00 2001 From: Jarod Pauchet Date: Fri, 15 Nov 2024 09:06:41 +0100 Subject: [PATCH 4/4] hosts modification --- ansible/hosts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ansible/hosts b/ansible/hosts index fd1298f..dc5fde2 100644 --- a/ansible/hosts +++ b/ansible/hosts @@ -4,9 +4,11 @@ ap33-pt [wg] ap33-mon ap33-prod +ap33-test [wg_master] ap33-mon [wg_cli] ap33-prod +ap33-test
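Review bot: Adding `ap33-test` to `[wg]` and `[wg_cli]` in PATCH 4/4 brings it into every `hosts: wg` play of `ansible/wg.yml`, but nothing there produces a tunnel configuration for it. `mkwgconf.sh` generates only two endpoints, and the `copy` tasks are limited to `ansible_hostname == "ap33-mon"` and `"ap33-prod"`. As written, the host would have `unattended-upgrades` stopped and `wg-quick@wg0.service` enabled and restarted without an `/etc/wireguard/wg0.conf`, so the last play will most likely fail there. Either hold the inventory change until a third peer is generated, or guard the service tasks with a check that the config file exists.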