From 248a3c08b854bc1c56f5f713fd50fc810519ff4a Mon Sep 17 00:00:00 2001 From: Ruakij Date: Wed, 12 Apr 2023 13:36:14 +0200 Subject: [PATCH 01/10] Initial role-data --- .../defaults/wireguard-ipv6-converter.yml | 12 ++++++++++ wireguard-ipv6-converter/tasks/deploy.yml | 9 ++++++++ wireguard-ipv6-converter/tasks/main.yml | 3 +++ .../tasks/setup-service.yml | 12 ++++++++++ .../templates/wg-ipv6-conv.service.jinja2 | 23 +++++++++++++++++++ 5 files changed, 59 insertions(+) create mode 100644 wireguard-ipv6-converter/defaults/wireguard-ipv6-converter.yml create mode 100644 wireguard-ipv6-converter/tasks/deploy.yml create mode 100644 wireguard-ipv6-converter/tasks/main.yml create mode 100644 wireguard-ipv6-converter/tasks/setup-service.yml create mode 100644 wireguard-ipv6-converter/templates/wg-ipv6-conv.service.jinja2 diff --git a/wireguard-ipv6-converter/defaults/wireguard-ipv6-converter.yml b/wireguard-ipv6-converter/defaults/wireguard-ipv6-converter.yml new file mode 100644 index 0000000..5f7ec36 --- /dev/null +++ b/wireguard-ipv6-converter/defaults/wireguard-ipv6-converter.yml @@ -0,0 +1,12 @@ +wireguard_ipv6_converter: + version: latest + + # see https://github.com/Ruakij/wg-ipv6-converter#31-environment + setup: + interface: wt0 + ipv6_format: "" + filter_prefix: 100.100 + recheck_interval: 60s + + service: + bindTo: netbird.service diff --git a/wireguard-ipv6-converter/tasks/deploy.yml b/wireguard-ipv6-converter/tasks/deploy.yml new file mode 100644 index 0000000..ce13231 --- /dev/null +++ b/wireguard-ipv6-converter/tasks/deploy.yml @@ -0,0 +1,9 @@ +- name: Get architecture + set_fact: + arch: {{ 'amd64' if ansible_architecture == 'x86_64' elif 'amd64' if ansible_architecture == 'aarch64' }} + +- name: Download binary + get_url: + url: https://github.com/Ruakij/wg-ipv6-converter/releases/download/{{ wireguard_ipv6_converter.version }}/wg-ipv6-converter_{{ arch }} + dest: /usr/bin/local/wg-ipv6-converter + mode: "744" diff --git a/wireguard-ipv6-converter/tasks/main.yml b/wireguard-ipv6-converter/tasks/main.yml new file mode 100644 index 0000000..bc96e37 --- /dev/null +++ b/wireguard-ipv6-converter/tasks/main.yml @@ -0,0 +1,3 @@ +- import_tasks: ./deploy.yml + +- import_tasks: ./setup-service.yml diff --git a/wireguard-ipv6-converter/tasks/setup-service.yml b/wireguard-ipv6-converter/tasks/setup-service.yml new file mode 100644 index 0000000..b733887 --- /dev/null +++ b/wireguard-ipv6-converter/tasks/setup-service.yml @@ -0,0 +1,12 @@ +- name: Deploy service + ansible.builtin.template: + src: wg-ipv6-conv.service.jinja2 + dest: /etc/systemd/system/wg-ipv6-converter_{{ wireguard_ipv6_converter.setup.interface }}.service + register: service-file + +- name: Enable service + ansible.builtin.service: + name: wg-ipv6-converter_{{ wireguard_ipv6_converter.setup.interface }} + state: '{{ 'restarted' if service-file.changed else 'started' }}' + enabled: true + diff --git a/wireguard-ipv6-converter/templates/wg-ipv6-conv.service.jinja2 b/wireguard-ipv6-converter/templates/wg-ipv6-conv.service.jinja2 new file mode 100644 index 0000000..7d85dcc --- /dev/null +++ b/wireguard-ipv6-converter/templates/wg-ipv6-conv.service.jinja2 @@ -0,0 +1,23 @@ +[Unit] +Description=WireGuard IPv6 converter for {{ wireguard_ipv6_converter.setup.interface }} +{% if wireguard_ipv6_converter.service.bindTo is defined %} +BindsTo={{ wireguard_ipv6_converter.service.bindTo }} +After={{ wireguard_ipv6_converter.service.bindTo }} +{% endif %} + +[Service] +Type=simple +{% if wireguard_ipv6_converter.service.bindTo is defined %} +ExecStartPre=/bin/sleep 10 +{% endif %} +ExecStart=/usr/local/bin/wg-ipv6-converter +Restart=always +RestartSec=30 + +Environment="INTERFACE={{ wireguard_ipv6_converter.setup.interface }}" +Environment="IPV6_FORMAT={{ wireguard_ipv6_converter.setup.ipv6_format }}" +Environment="FILTER_PREFIX={{ wireguard_ipv6_converter.setup.filter_prefix }}" +Environment="RECHECK_INTERVAL={{ wireguard_ipv6_converter.setup.recheck_interval }}" + +[Install] +WantedBy=multi-user.target From f95bcbc38da379cfd50d00b5e4ad651e30232529 Mon Sep 17 00:00:00 2001 From: Ruakij Date: Wed, 12 Apr 2023 14:44:10 +0200 Subject: [PATCH 02/10] change defaults --- .../defaults/wireguard-ipv6-converter.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/wireguard-ipv6-converter/defaults/wireguard-ipv6-converter.yml b/wireguard-ipv6-converter/defaults/wireguard-ipv6-converter.yml index 5f7ec36..03cf4cf 100644 --- a/wireguard-ipv6-converter/defaults/wireguard-ipv6-converter.yml +++ b/wireguard-ipv6-converter/defaults/wireguard-ipv6-converter.yml @@ -3,10 +3,10 @@ wireguard_ipv6_converter: # see https://github.com/Ruakij/wg-ipv6-converter#31-environment setup: - interface: wt0 - ipv6_format: "" - filter_prefix: 100.100 - recheck_interval: 60s + interface: wg0 + #ipv6_format: fc12::%02x%02x:%02x%02x/%d + #filter_prefix: 100.100 + #recheck_interval: 60s service: - bindTo: netbird.service + #bindTo: netbird.service From b143d9c848cde8625c1f930c8968a2ebfef8728f Mon Sep 17 00:00:00 2001 From: Ruakij Date: Wed, 12 Apr 2023 14:45:31 +0200 Subject: [PATCH 03/10] Fix checks --- wireguard-ipv6-converter/tasks/deploy.yml | 2 +- wireguard-ipv6-converter/tasks/setup-service.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/wireguard-ipv6-converter/tasks/deploy.yml b/wireguard-ipv6-converter/tasks/deploy.yml index ce13231..7ef0ace 100644 --- a/wireguard-ipv6-converter/tasks/deploy.yml +++ b/wireguard-ipv6-converter/tasks/deploy.yml @@ -1,6 +1,6 @@ - name: Get architecture set_fact: - arch: {{ 'amd64' if ansible_architecture == 'x86_64' elif 'amd64' if ansible_architecture == 'aarch64' }} + arch: "{{ 'amd64' if ansible_architecture == 'x86_64' else 'arm64' }}" - name: Download binary get_url: diff --git a/wireguard-ipv6-converter/tasks/setup-service.yml b/wireguard-ipv6-converter/tasks/setup-service.yml index b733887..1661861 100644 --- a/wireguard-ipv6-converter/tasks/setup-service.yml +++ b/wireguard-ipv6-converter/tasks/setup-service.yml @@ -2,11 +2,11 @@ ansible.builtin.template: src: wg-ipv6-conv.service.jinja2 dest: /etc/systemd/system/wg-ipv6-converter_{{ wireguard_ipv6_converter.setup.interface }}.service - register: service-file + register: serviceFile - name: Enable service ansible.builtin.service: name: wg-ipv6-converter_{{ wireguard_ipv6_converter.setup.interface }} - state: '{{ 'restarted' if service-file.changed else 'started' }}' + state: "{{ 'restarted' if serviceFile.changed else 'started' }}" enabled: true From 7f503d983a91c08ce7407a1af59176bd899002e1 Mon Sep 17 00:00:00 2001 From: Ruakij Date: Wed, 12 Apr 2023 14:45:43 +0200 Subject: [PATCH 04/10] Fix download-location --- wireguard-ipv6-converter/tasks/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wireguard-ipv6-converter/tasks/deploy.yml b/wireguard-ipv6-converter/tasks/deploy.yml index 7ef0ace..e060f32 100644 --- a/wireguard-ipv6-converter/tasks/deploy.yml +++ b/wireguard-ipv6-converter/tasks/deploy.yml @@ -5,5 +5,5 @@ - name: Download binary get_url: url: https://github.com/Ruakij/wg-ipv6-converter/releases/download/{{ wireguard_ipv6_converter.version }}/wg-ipv6-converter_{{ arch }} - dest: /usr/bin/local/wg-ipv6-converter + dest: /usr/local/bin/wg-ipv6-converter mode: "744" From 521b76453af49f84741d436263c45bd342138ccf Mon Sep 17 00:00:00 2001 From: Ruakij Date: Wed, 12 Apr 2023 14:45:55 +0200 Subject: [PATCH 05/10] Add start to naming --- wireguard-ipv6-converter/tasks/setup-service.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wireguard-ipv6-converter/tasks/setup-service.yml b/wireguard-ipv6-converter/tasks/setup-service.yml index 1661861..d9d4f9a 100644 --- a/wireguard-ipv6-converter/tasks/setup-service.yml +++ b/wireguard-ipv6-converter/tasks/setup-service.yml @@ -4,7 +4,7 @@ dest: /etc/systemd/system/wg-ipv6-converter_{{ wireguard_ipv6_converter.setup.interface }}.service register: serviceFile -- name: Enable service +- name: Enable & Start service ansible.builtin.service: name: wg-ipv6-converter_{{ wireguard_ipv6_converter.setup.interface }} state: "{{ 'restarted' if serviceFile.changed else 'started' }}" From 5b607df2de8d4ae1f368c3e8592ff9d0a4e77a20 Mon Sep 17 00:00:00 2001 From: Ruakij Date: Wed, 12 Apr 2023 14:47:02 +0200 Subject: [PATCH 06/10] Add checks if var is set --- .../templates/wg-ipv6-conv.service.jinja2 | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/wireguard-ipv6-converter/templates/wg-ipv6-conv.service.jinja2 b/wireguard-ipv6-converter/templates/wg-ipv6-conv.service.jinja2 index 7d85dcc..e1544a0 100644 --- a/wireguard-ipv6-converter/templates/wg-ipv6-conv.service.jinja2 +++ b/wireguard-ipv6-converter/templates/wg-ipv6-conv.service.jinja2 @@ -15,9 +15,15 @@ Restart=always RestartSec=30 Environment="INTERFACE={{ wireguard_ipv6_converter.setup.interface }}" +{% if wireguard_ipv6_converter.setup.ipv6_format is defined %} Environment="IPV6_FORMAT={{ wireguard_ipv6_converter.setup.ipv6_format }}" +{% endif %} +{% if wireguard_ipv6_converter.setup.filter_prefix is defined %} Environment="FILTER_PREFIX={{ wireguard_ipv6_converter.setup.filter_prefix }}" +{% endif %} +{% if wireguard_ipv6_converter.setup.recheck_interval is defined %} Environment="RECHECK_INTERVAL={{ wireguard_ipv6_converter.setup.recheck_interval }}" +{% endif %} [Install] WantedBy=multi-user.target From 1b765689e6dc6c23f54c6358309ca9b1a7f7f110 Mon Sep 17 00:00:00 2001 From: Ruakij Date: Wed, 12 Apr 2023 14:50:14 +0200 Subject: [PATCH 07/10] Make sure daemon is reloaded before service-start --- wireguard-ipv6-converter/tasks/setup-service.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wireguard-ipv6-converter/tasks/setup-service.yml b/wireguard-ipv6-converter/tasks/setup-service.yml index d9d4f9a..600e2d7 100644 --- a/wireguard-ipv6-converter/tasks/setup-service.yml +++ b/wireguard-ipv6-converter/tasks/setup-service.yml @@ -9,4 +9,4 @@ name: wg-ipv6-converter_{{ wireguard_ipv6_converter.setup.interface }} state: "{{ 'restarted' if serviceFile.changed else 'started' }}" enabled: true - + daemon-reload: true From 1a76b94a463c9eb98f0f460d2f88273b02b4e150 Mon Sep 17 00:00:00 2001 From: Ruakij Date: Wed, 12 Apr 2023 14:58:43 +0200 Subject: [PATCH 08/10] Add download-version --- wireguard-ipv6-converter/tasks/deploy.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/wireguard-ipv6-converter/tasks/deploy.yml b/wireguard-ipv6-converter/tasks/deploy.yml index e060f32..cb7a3d0 100644 --- a/wireguard-ipv6-converter/tasks/deploy.yml +++ b/wireguard-ipv6-converter/tasks/deploy.yml @@ -1,9 +1,10 @@ - name: Get architecture set_fact: arch: "{{ 'amd64' if ansible_architecture == 'x86_64' else 'arm64' }}" + versionUri: "{% if wireguard_ipv6_converter.version == 'latest' %}latest/download{% else %}download/{{ wireguard_ipv6_converter.version }}{% endif %}" - name: Download binary get_url: - url: https://github.com/Ruakij/wg-ipv6-converter/releases/download/{{ wireguard_ipv6_converter.version }}/wg-ipv6-converter_{{ arch }} + url: https://github.com/Ruakij/wg-ipv6-converter/releases/{{ versionUri }}/wg-ipv6-converter_{{ arch }} dest: /usr/local/bin/wg-ipv6-converter mode: "744" From 13ebd48c5df11b11766b2e2a83bda92aebf397bd Mon Sep 17 00:00:00 2001 From: Ruakij Date: Wed, 12 Apr 2023 20:22:34 +0200 Subject: [PATCH 09/10] Add register for task download --- wireguard-ipv6-converter/tasks/deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/wireguard-ipv6-converter/tasks/deploy.yml b/wireguard-ipv6-converter/tasks/deploy.yml index cb7a3d0..595e19e 100644 --- a/wireguard-ipv6-converter/tasks/deploy.yml +++ b/wireguard-ipv6-converter/tasks/deploy.yml @@ -8,3 +8,4 @@ url: https://github.com/Ruakij/wg-ipv6-converter/releases/{{ versionUri }}/wg-ipv6-converter_{{ arch }} dest: /usr/local/bin/wg-ipv6-converter mode: "744" + register: deployDownload From 7012e1ea2b14979dce75b56db226d5ce83f3b6a0 Mon Sep 17 00:00:00 2001 From: Ruakij Date: Wed, 12 Apr 2023 20:23:08 +0200 Subject: [PATCH 10/10] Separate enable and re-/start service for fine-control --- wireguard-ipv6-converter/tasks/setup-service.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/wireguard-ipv6-converter/tasks/setup-service.yml b/wireguard-ipv6-converter/tasks/setup-service.yml index 600e2d7..c12fc5c 100644 --- a/wireguard-ipv6-converter/tasks/setup-service.yml +++ b/wireguard-ipv6-converter/tasks/setup-service.yml @@ -4,9 +4,14 @@ dest: /etc/systemd/system/wg-ipv6-converter_{{ wireguard_ipv6_converter.setup.interface }}.service register: serviceFile -- name: Enable & Start service +- name: Enable service ansible.builtin.service: name: wg-ipv6-converter_{{ wireguard_ipv6_converter.setup.interface }} - state: "{{ 'restarted' if serviceFile.changed else 'started' }}" - enabled: true daemon-reload: true + enabled: true + +- name: Start service if interface exists already + ansible.builtin.service: + name: wg-ipv6-converter_{{ wireguard_ipv6_converter.setup.interface }} + state: "{{ 'restarted' if deployDownload.changed or serviceFile.changed else 'started' }}" + when: "wireguard_ipv6_converter.setup.interface in ansible_interfaces"