1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_collection_wireguard.git synced 2024-10-27 22:47:42 +01:00

Install and download wireguard-ui

This commit is contained in:
L3D 2024-10-13 23:50:04 +02:00
parent a5f3bd8494
commit 50c852ef97
Signed by: l3d
GPG key ID: CD08445BFF4313D1
18 changed files with 358 additions and 0 deletions

4
.github/FUNDING.yml vendored Normal file
View file

@ -0,0 +1,4 @@
---
github: [do1jlr]
liberapay: l3d

14
.github/dependabot.yml vendored Normal file
View file

@ -0,0 +1,14 @@
---
# See https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
- package-ecosystem: "gitsubmodule"
directory: "/"
schedule:
interval: "weekly"

View file

@ -0,0 +1,22 @@
---
name: Ansible Lint check
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
name: Ansible Lint
runs-on: ubuntu-latest
steps:
- name: Checkout git repo
uses: actions/checkout@v4
with:
submodules: true
fetch-depth: 0
- name: Run ansible-lint
uses: ansible-actions/ansible-lint-action@v1.0.3
with:
target: "./"

22
.github/workflows/galaxy.yml vendored Normal file
View file

@ -0,0 +1,22 @@
---
name: Galaxy release
# yamllint disable-line rule:truthy
on:
release:
types: ['created']
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'checkout git repo'
uses: actions/checkout@v4
with:
submodules: true
fetch-depth: 0
- name: "Publish Ansible"
uses: ansible/ansible-publish-action@v1.0.0
with:
api_key: "${{ secrets.GALAXY_API_KEY }}"

22
.github/workflows/j2lint-check.yml vendored Normal file
View file

@ -0,0 +1,22 @@
---
name: Jinja2 Linting check
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
name: Jinja2 Linting
runs-on: ubuntu-latest
steps:
- name: Checkout git repo
uses: actions/checkout@v4
with:
submodules: true
fetch-depth: 0
- name: Run j2lint
uses: ansible-actions/j2lint-action@v0.0.1
with:
target: "./"

22
.github/workflows/yamllint-check.yml vendored Normal file
View file

@ -0,0 +1,22 @@
---
name: Yamllint check
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
name: Yamllint
runs-on: ubuntu-latest
steps:
- name: Checkout git repo
uses: actions/checkout@v4
with:
submodules: true
fetch-depth: 0
- name: Run yamllint
uses: ansible-actions/yamllint-action@v0.0.2
with:
target: "./"

0
CHANGELOG.md Normal file
View file

0
CHANGELOG.rst Normal file
View file

View file

@ -1,2 +1,4 @@
# ansible_collections_wireguard
Ansible Collection to configure wireguard
Work in Progress

0
changelog Normal file
View file

63
galaxy.yml Normal file
View file

@ -0,0 +1,63 @@
---
### REQUIRED
# The namespace of the collection. This can be a company/brand/organization or product namespace under which all
# content lives. May only contain alphanumeric lowercase characters and underscores. Namespaces cannot start with
# underscores or numbers and cannot contain consecutive underscores
namespace: l3d
# The name of the collection. Has the same character restrictions as 'namespace'
name: wireguard
# The version of the collection. Must be compatible with semantic versioning
version: 1.0.0
# The path to the Markdown (.md) readme file. This path is relative to the root of the collection
readme: README.md
# A list of the collection's content authors. Can be just the name or in the format 'Full Name <email> (url)
# @nicks:irc/im.site#channel'
authors:
- L3D <l3d@c3woc.de>
### OPTIONAL but strongly recommended
# A short summary description of the collection
description: Ansible Collection to install and configure wireguard-ui
# Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only
# accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file'
license:
- MIT
# A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character
# requirements as 'namespace' and 'name'
tags:
- wireguard
- wireguard-ui
- linux
# Collections that this collection requires to be installed for it to be usable. The key of the dict is the
# collection label 'namespace.name'. The value is a version range
# L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version
# range specifiers can be set and are separated by ','
dependencies:
"community.general": ">=9.5.0,<11.0.0"
# The URL of the originating SCM repository
repository: https://github.com/roles-ansible/ansible_collection_wireguard.git
# The URL to the homepage of the collection/project
homepage: https://ansible.l3d.space/#l3d.wireguard
# A list of file glob-like patterns used to filter any files or directories that should not be included in the build
# artifact. A pattern is matched from the relative path of the file or directory of the collection directory. This
# uses 'fnmatch' to match the files or directories. Some directories and files like 'galaxy.yml', '*.pyc', '*.retry',
# and '.git' are always filtered. Mutually exclusive with 'manifest'
build_ignore: []
# A dict controlling use of manifest directives used in building the collection artifact. The key 'directives' is a
# list of MANIFEST.in style
# L(directives,https://packaging.python.org/en/latest/guides/using-manifest-in/#manifest-in-commands). The key
# 'omit_default_directives' is a boolean that controls whether the default directives are used. Mutually exclusive
# with 'build_ignore'
# manifest: null

2
meta/runtime.yml Normal file
View file

@ -0,0 +1,2 @@
---
requires_ansible: '>=2.17.4'

View file

@ -0,0 +1,5 @@
---
wireguardui__version: 'latest'
# Optional perform simple Versionscheck
submodules_versioncheck: false

View file

@ -0,0 +1,46 @@
---
- name: Dependency block
block:
- name: Update apt cache
become: true
ansible.builtin.apt:
cache_valid_time: 3600
update_cache: true
register: _pre_update_apt_cache
until: _pre_update_apt_cache is succeeded
when:
- ansible_pkg_mgr == "apt"
- name: Install dependencies
become: true
ansible.builtin.package:
name: "{{ item }}"
state: present
with_items: "{{ wireguardui__dependencies }}"
- name: Create temporary directory
become: true
ansible.builtin.tempfile:
state: directory
suffix: wireguardui
register: wireguardui__tmp
when: (not ansible_check_mode and (wireguardui__active_version.stdout[1:] != wireguardui__version_target))
- name: Download wireguard-ui
become: true
ansible.builtin.get_url:
url: "{{ wireguardui__dl_url }}/{{ wireguardui__filename }}"
checksum: "md5:{{ wireguardui__dl_url }}/{{ wireguardui__filename }}.md5"
dest: "{{ wireguardui__tmp.path }}/{{ wireguardui__filename }}"
mode: '0640'
owner: 'root'
group: 'root'
when: (not ansible_check_mode and (wireguardui__active_version.stdout[1:] != wireguardui__version_target))
- name: Unarchive wireguardui
become: true
ansible.builtin.unarchive:
src: "{{ wireguardui__tmp.path }}/{{ wireguardui__filename }}"
dest: '/usr/local/bin'
remote_src: true
when: (not ansible_check_mode and (wireguardui__active_version.stdout[1:] != wireguardui__version_target))

View file

@ -0,0 +1,13 @@
---
- name: Run simple versionscheck (optional)
ansible.builtin.include_tasks:
file: 'versioncheck.yml'
when: submodules_versioncheck | bool
- name: Set version for wireguard-ui
ansible.builtin.include_tasks:
file: 'set_version.yml'
- name: Download wireguard-ui
ansible.builtin.include_tasks:
file: 'download.yml'

View file

@ -0,0 +1,60 @@
---
- name: "Check wireguard-ui installed version"
ansible.builtin.shell: |
set -eo pipefail
{{ wireguardui__full_executable_path }} -wg-conf-template /dev/invalid | grep 'App Version' | cut -d ' ' -f 3
args:
executable: /bin/bash
register: wireguardui__active_version
changed_when: false
failed_when: false
- name: Optionally print wireguardui__active_version
ansible.builtin.debug:
msg: "{{ wireguardui__active_version.stdout }}"
verbosity: 1
- name: "Determine 'latest' version release"
when: wireguardui__version == "latest"
block:
- name: "Get latest gitea release metadata"
ansible.builtin.uri:
url: https://api.github.com/repos/ngoduykhanh/wireguard-ui/releases/latest
return_content: true
register: wiregardui__remote_metadata
become: false
when: not ansible_check_mode
- name: "Fail if running in check mode without versions set."
ansible.builtin.fail:
msg: |
"You are running this playbook in check mode:
Please set the wireguard-ui version with the variable 'wireguardui__version', because the URI module cannot detect the latest version in this mode."
when: ansible_check_mode and (wireguardui__version == 'latest')
- name: "Set fact latest wireguard-ui release"
ansible.builtin.set_fact:
wireguardui__remote_version: "{{ wiregardui__remote_metadata.json.tag_name[1:] }}"
when: not ansible_check_mode
- name: "Set wireguard-ui version target (latest)"
ansible.builtin.set_fact:
wireguardui__version_target: "{{ wireguardui__remote_version }}"
when: not ansible_check_mode
- name: "Set wireguard-ui version target {{ wireguardui__version }}"
ansible.builtin.set_fact:
wireguardui__version_target: "{{ wireguardui__version }}"
when: wireguardui__version != "latest"
- name: 'Assert that remote version is higher'
ansible.builtin.assert:
that:
- wireguardui__active_version is version(wireguardui__remote_version, 'lt')
fail_msg: ERROR - Remote version is lower then current version!
when: wireguardui__version == "latest" and wireguardui__active_version.stderr == "" | bool
- name: "Generate gitea download URL"
ansible.builtin.set_fact:
wireguardui__dl_url: "https://github.com/ngoduykhanh/wireguard-ui/releases/download/v{{ wireguardui__version_target }}"
wireguardui__filename: "wireguard-ui-v{{ wireguardui__version_target }}-linux-{{ wireguardui__arch }}.tar.gz"

View file

@ -0,0 +1,44 @@
---
# Copyright (c) 2021 L3D <l3d@c3woc.de>
# this file is released with the MIT license.
# License: https://github.com/roles-ansible/ansible_role_template/blob/main/LICENSE
- name: Create directory for versionscheck
become: true
ansible.builtin.file:
path: '/etc/.ansible-version'
state: directory
mode: "0755"
when: packages__submodules_versioncheck | bool
- name: Check playbook version
become: true
ansible.builtin.slurp:
src: "/etc/.ansible-version/{{ packages__playbook_version_path }}"
register: playbook_version
when: packages__submodules_versioncheck | bool
failed_when: false
- name: Print remote role version # noqa: H500
ansible.builtin.debug:
msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}"
when: packages__submodules_versioncheck | bool
- name: Print locale role version # noqa: H500
ansible.builtin.debug:
msg: "Local role version: '{{ packages__playbook_version_number | string }}'."
when: packages__submodules_versioncheck | bool
- name: Check if your version is outdated
ansible.builtin.fail:
msg: "Your ansible module has the version '{{ packages__playbook_version_number }}' and is outdated. You need to update it!"
when:
- playbook_version.content|default("Mgo=")|b64decode|int - 1 >= packages__playbook_version_number|int and packages__submodules_versioncheck | bool
- name: Write new version to remote disk
become: true
ansible.builtin.copy:
content: "{{ packages__playbook_version_number }}"
dest: "/etc/.ansible-version/{{ packages__playbook_version_path }}"
mode: '0644'
when: packages__submodules_versioncheck | bool
tags: skip_ansible_lint_template-instead-of-copy

View file

@ -0,0 +1,17 @@
---
wireguardui__dependencies: []
wireguardui__full_executable_path: '/usr/local/bin/wireguard-ui'
wireguardui__go_arch_map:
i386: '386'
x86_64: 'amd64'
aarch64: 'arm64'
armv7l: 'arm'
armv6l: 'arm'
armv5l: 'arm'
wireguardui__arch: "{{ wireguardui__go_arch_map[ansible_architecture] | default(ansible_architecture) }}"
packages__playbook_version_number: 3
packages__playbook_version_path: 'l3d.wireguard.wireguardui.version'