Move variables to 1 place

Much easier to manage
2020-01-17 22:31:50 +00:00
parent 7b57e438c1
commit 78fa36f20a
11 changed files with 89 additions and 76 deletions
--- a/ansible/roles/gateway/files/haproxy.cfg
+++ b/ansible/roles/gateway/files/haproxy.cfg
@ -40,23 +40,23 @@ defaults
 listen https
 	bind *:443
 	mode tcp
-	server default {{ wireguard.intersect_ip }}:443 check send-proxy
+	server default {{ wireguard.intersect.ip }}:443 check send-proxy

 listen http
 	bind *:80
 	stats enable
 	stats show-node
 	stats uri /haproxy
-	stats auth stats:{{ haproxy_stats_pass }}
-	server default {{ wireguard.intersect_ip }}:80 check
+	stats auth stats:{{ haproxy.stats_pass }}
+	server default {{ wireguard.intersect.ip }}:80 check


 listen matrix
 	bind *:8448
 	mode tcp
-	server default {{ wireguard.intersect_ip }}:8448 check
+	server default {{ wireguard.clients.intersect.ip }}:8448 check

 listen gitea
 	bind *:3022
 	mode tcp
-	server default {{ wireguard.intersect_ip }}:3022 check
+	server default {{ wireguard.clients.intersect.ip }}:3022 check
--- a/ansible/roles/gateway/files/wireguard.conf
+++ b/ansible/roles/gateway/files/wireguard.conf
@ -1,9 +1,11 @@
 [Interface]
-Address = {{ wireguard.server_ip }}
-PrivateKey = {{ wireguard.server_private_key }}
-ListenPort = {{ wireguard.server_port }}
+Address = {{ wireguard.server.ip }}
+PrivateKey = {{ wireguard.server.private_key }}
+ListenPort = {{ wireguard.port }}

+{% for name, config in wireguard.clients.items() %}
 [Peer]
-# intersect
-PublicKey = {{ wireguard.intersect_public_key }}
-AllowedIPs = {{ wireguard.intersect_ip }}/32
+# {{ name }}
+PublicKey = {{ config.public_key }}
+AllowedIPs = {{ config.ip }}/32
+{% endfor %}
--- a/ansible/roles/gateway/tasks/haproxy.yml
+++ b/ansible/roles/gateway/tasks/haproxy.yml
@ -1,25 +1,21 @@
- name: Install Haproxy
-  apt:
-    name: haproxy
-  become: true
-  become_user: root
+# - name: Install Haproxy
+#   apt:
+#     name: haproxy
+#   become: true
+#   become_user: root

- name: Import vault
-  include_vars:
-    file: vars/gateway.yml
+# - name: Haproxy config
+#   template:
+#     src: files/haproxy.cfg
+#     dest: /etc/haproxy/haproxy.cfg
+#     validate: /usr/sbin/haproxy -c -- %s
+#     backup: yes
+#   become: true
+#   become_user: root
+#   register: haproxy_config

- name: Haproxy config
-  template:
-    src: files/haproxy.cfg
-    dest: /etc/haproxy/haproxy.cfg
-    validate: /usr/sbin/haproxy -c -- %s
-    backup: yes
-  become: true
-  become_user: root
-  register: haproxy_config
-
- name: Restart Haproxy
-  service:
-    name: haproxy
-    state: reloaded
-  when: haproxy_config.changed
+# - name: Restart Haproxy
+#   service:
+#     name: haproxy
+#     state: reloaded
+#   when: haproxy_config.changed
--- a/ansible/roles/gateway/tasks/main.yml
+++ b/ansible/roles/gateway/tasks/main.yml
@ -1,7 +1,3 @@
- name: Import wireguard variables
-  include_vars:
-    file: vars/wireguard.yml
-
 - name: Configure HAproxy
  include: haproxy.yml

--- a/ansible/roles/gateway/tasks/wireguard.yml
+++ b/ansible/roles/gateway/tasks/wireguard.yml
@ -42,7 +42,7 @@
 - name: Enable wireguard
  service:
    name: wg-quick@wg0
-    state: reloaded
+    state: restarted
    enabled: true
  when: wireguard_conf.changed
  become: true
--- a/ansible/roles/gateway/vars/gateway.yml
+++ b/ansible/roles/gateway/vars/gateway.yml
@ -1,11 +0,0 @@
-$ANSIBLE_VAULT;1.1;AES256
-33643130633631366239623166623161626335633438656130386638333764363531313238306339
-6438323233313136633065623933613463613065336639330a373365366566303164303232386362
-36333333396163343135383336653261343464323638373836623530323031353035653431363736
-6162333162653938640a363337356361643833383264323731343862366330333839653330663831
-63646638316165326430356661346539376365383231323233613533613866666533613635646339
-32346661333631383466363437653537373631393030316632363136613965343966313339613634
-37353138363538343934616539363366356466393663636161333739376137306364356261353130
-38643432303135333861623261626231373137303261313061386363313361313764316265343636
-30653234636333373464613864633065373633343132633435343664313861363032343133373534
-3363386232616333626635643462356362643363666133303463