Wireguard

Description

This role manages Wireguard on the host. It installs the necessary Wireguard packages, configures sysctl settings for IPv4/IPv6 forwarding, and deploys the Wireguard configuration file to enable the VPN service using wg-quick.

Overview

Optimized for both Arch Linux and Ubuntu/Debian, this role performs the following tasks:

• Installs Wireguard tools using the appropriate package manager.

• Copies a sysctl configuration file to enable IP forwarding and proper IPv6 settings.

• Deploys a host-specific Wireguard configuration file to /etc/wireguard/wg0.cymais.conf.

• Uses systemd handlers to restart the Wireguard service and reload sysctl settings.

Purpose

The primary purpose of this role is to set up and manage a Wireguard VPN configuration on the host. By automating package installation and configuration file deployment, it ensures that the VPN service is enabled with optimal network settings for secure connectivity.

Features

• Multi-Platform Support: Installs Wireguard tools using pacman on Arch Linux and apt on Ubuntu/Debian.

• Sysctl Configuration: Deploys a sysctl configuration file to manage IPv4/IPv6 forwarding and related network parameters.

• Wireguard Configuration: Copies a host-specific Wireguard configuration file to /etc/wireguard/wg0.cymais.conf.

• Service Management: Provides handlers to restart the Wireguard service and reload sysctl settings.

Administration

For detailed client setup instructions, please see the Administration file.