Ansible Playbook to set up a simple wireguard vpn on an ubuntu server.
Inspired by ansible-easy-vpn
- Setup ssh key authentification and hardening ssh
- Install basic ufw rules
- Configure wireguard and generate client config files and qrcodes which can be found under
~/wireguard
on your local machine
> ansible-playbook run.yml
> sudo apt-get install ansible
> ansible-galaxy install -r requirements.yml
-
Add your servers to the inventory
-
Edit the variables in
group_vars/vars.yml
-
Create a
vault.yml
file insidegroup_vars
and provide your credentials:# file: group_vars/vault.yml --- vault_new_ansible_user_password: "" vault_user_password: "" vault_ssh_key_passphrase_: "" vault_localhost_password: "" vault_ssh_password1: "" vault_ssh_password2: ""
and encrypt the file with:
> ansible-vault encrypt group_vars/vault.yml