wg-aws/roles/headscale-server/tasks/main.yml

---
- name: Update APT package cache
  apt:
    update_cache: true
    upgrade: dist

- name: Install debian packages
  apt:
    name: "{{ item }}"
    state: present
  with_items:
    - "unattended-upgrades"
    - "joe"
    - "fail2ban"

- name: Download headscale .deb
  get_url: 
    url="https://github.com/juanfont/headscale/releases/download/v0.24.0/headscale_0.24.0_linux_arm64.deb"
    dest="/tmp/headscale.deb"

- name: Install my_package
  apt: deb="/tmp/headscale.deb"

- name: determine name of host
  ansible.builtin.set_fact:
    headscale_hostname: "{{ inventory_hostname }}"

- name: determine name of network
  ansible.builtin.set_fact:
    headscale_base_domain: "{{ headscale_hostname | regex_replace('^[\\w-]+\\.', '') }}"

- name: generate config
  template:
    src: "config.yaml"
    dest: "/etc/headscale/config.yaml"

- name: ensure directories are present
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: '0755'
  with_items: 
    - /var/lib/headscale
    - /var/lib/headscale/cache

- name: Enable systemd service
  ansible.builtin.systemd:
    name: headscale.service
    state: started
    enabled: true

# Exit node:
#    curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null
#    curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list
# apt-get update
# apt-get install tailscale
# tailscale up --advertise-exit-node --login-server https://headscale.wolkige.abgruen.de
#
basic headscale installation 2023-05-19 10:49:23 +02:00			`---`
DERP & Exit-Node 2023-05-19 11:08:46 +02:00			`- name: Update APT package cache`
			`apt:`
			`update_cache: true`
			`upgrade: dist`

			`- name: Install debian packages`
			`apt:`
			`name: "{{ item }}"`
			`state: present`
			`with_items:`
			`- "unattended-upgrades"`
			`- "joe"`
			`- "fail2ban"`

Updated headscale version and new config file format 2025-01-17 21:23:19 +01:00			`- name: Download headscale .deb`
			`get_url:`
			`url="https://github.com/juanfont/headscale/releases/download/v0.24.0/headscale_0.24.0_linux_arm64.deb"`
			`dest="/tmp/headscale.deb"`
basic headscale installation 2023-05-19 10:49:23 +02:00
Updated headscale version and new config file format 2025-01-17 21:23:19 +01:00			`- name: Install my_package`
			`apt: deb="/tmp/headscale.deb"`
basic headscale installation 2023-05-19 10:49:23 +02:00
			`- name: determine name of host`
			`ansible.builtin.set_fact:`
			`headscale_hostname: "{{ inventory_hostname }}"`

			`- name: determine name of network`
			`ansible.builtin.set_fact:`
			`headscale_base_domain: "{{ headscale_hostname \| regex_replace('^[\\w-]+\\.', '') }}"`

			`- name: generate config`
			`template:`
			`src: "config.yaml"`
			`dest: "/etc/headscale/config.yaml"`

			`- name: ensure directories are present`
			`ansible.builtin.file:`
			`path: "{{ item }}"`
			`state: directory`
			`mode: '0755'`
			`with_items:`
			`- /var/lib/headscale`
			`- /var/lib/headscale/cache`

			`- name: Enable systemd service`
			`ansible.builtin.systemd:`
			`name: headscale.service`
			`state: started`
			`enabled: true`
DERP & Exit-Node 2023-05-19 11:08:46 +02:00
			`# Exit node:`
			`# curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg \| sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null`
			`# curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list \| sudo tee /etc/apt/sources.list.d/tailscale.list`
			`# apt-get update`
			`# apt-get install tailscale`
			`# tailscale up --advertise-exit-node --login-server https://headscale.wolkige.abgruen.de`
			`#`