---
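# Refreshes the APT index and then applies a full dist-upgrade, so a run of
# this task can change any installed package, not only the cache.
# The module is spelled with its fully qualified name to match the
# ansible.builtin.* tasks further down in this file.
- name: Update APT package cache
  ansible.builtin.apt:
    update_cache: true
    upgrade: dist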
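# Installs the base packages in a single apt transaction: the list is passed
# straight to `name` instead of looping, which would call apt once per item.
# This task only installs unattended-upgrades and fail2ban; no task in this
# file configures them, so they run with the distribution defaults.
# NOTE(review): confirm those defaults (upgrade origins, active jails) match
# what this host needs.
- name: Install debian packages
  ansible.builtin.apt:
    name:
      - unattended-upgrades
      - joe
      - fail2ban
    state: present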
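# NOTE(review): if the download below is re-enabled, give get_url a
# checksum (checksum="sha256:<hash published for this release asset>") so
# the .deb is verified before apt installs it.
#- name: Download headscale .deb
#  get_url:
#    url="https://github.com/juanfont/headscale/releases/download/v0.22.3/headscale_0.22.3_linux_arm64.deb"
#    dest="/tmp/headscale.deb"

#- name: Install my_package
#  apt: deb="/tmp/headscale.deb"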
# Store the target's inventory name as a host fact so that later tasks can
# reference it as headscale_hostname.
- name: determine name of host
  ansible.builtin.set_fact:
    headscale_hostname: '{{ inventory_hostname }}'
# Derive the base domain by removing the first DNS label (a leading run of
# word characters or hyphens, plus its dot) from headscale_hostname.
# If the host name contains no dot the pattern does not match and the value
# is left unchanged, so base domain and host name end up identical.
# NOTE(review): an inventory entry given as an IP address would also be cut
# at its first dot; confirm the inventory uses fully qualified names.
- name: determine name of network
  ansible.builtin.set_fact:
    headscale_base_domain: "{{ headscale_hostname | regex_replace('^[\\w-]+\\.', '') }}"
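# Renders the headscale configuration from the role's config.yaml template.
# Owner, group and mode are stated explicitly so the result does not depend
# on the umask of the connecting user or on what a previous run left behind.
# NOTE(review): if the template carries secrets, tighten the mode and grant
# read access only to the account the service runs as; that account is not
# visible in this file.
# NOTE(review): the template module does not create /etc/headscale, and the
# tasks that would install the package are commented out in this file, so
# the directory is presumably provided out of band.
# No handler is notified here, so a headscale that is already running keeps
# its old configuration until it is restarted.
- name: generate config
  ansible.builtin.template:
    src: "config.yaml"
    dest: "/etc/headscale/config.yaml"
    owner: root
    group: root
    mode: "0644"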
# Create the headscale state directory and its cache subdirectory.
# Mode 0755 lets every local account list and traverse both directories, and
# no owner or group is set, so ownership is whatever already exists or the
# account that creates them.
# NOTE(review): presumably these hold headscale's state; check whether the
# service account can write here and whether other users need access.
- name: ensure directories are present
  ansible.builtin.file:
    state: directory
    path: "{{ item }}"
    mode: "0755"
  loop:
    - /var/lib/headscale
    - /var/lib/headscale/cache
# Enable headscale.service at boot and make sure it is running now.
# `started` leaves an already-running unit untouched, so it does not pick up
# a configuration written earlier in the same run.
# NOTE(review): no active task in this file installs the unit; presumably it
# comes with a headscale package installed out of band.
- name: Enable systemd service
  ansible.builtin.systemd:
    name: headscale.service
    enabled: true
    state: started
# Exit node:
# curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null
# curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list
# apt-get update
# apt-get install tailscale
# tailscale up --advertise-exit-node --login-server https://headscale.wolkige.abgruen.de
#