diff options
| author | Egor Tensin <egor@tensin.name> | 2024-03-23 19:25:36 +0100 |
|---|---|---|
| committer | Egor Tensin <egor@tensin.name> | 2024-03-23 19:25:36 +0100 |
| commit | 87b049ac83717001e7600a4b32e086e3b6ea6380 (patch) | |
| tree | 7c0d8f4ffda3e86762a21775055c509d3a2ec371 | |
| parent | v3.0.0 (diff) | |
| download | infra-ansible-87b049ac83717001e7600a4b32e086e3b6ea6380.tar.gz infra-ansible-87b049ac83717001e7600a4b32e086e3b6ea6380.zip | |
wireguard: add dependency on wg-quick service also
| -rw-r--r-- | roles/wireguard/handlers/main.yml | 5 | ||||
| -rw-r--r-- | roles/wireguard/tasks/main.yml | 30 | ||||
| -rw-r--r-- | roles/wireguard/templates/depend_service_wg-quick.conf.j2 | 7 |
3 files changed, 41 insertions, 1 deletions
diff --git a/roles/wireguard/handlers/main.yml b/roles/wireguard/handlers/main.yml new file mode 100644 index 0000000..390e740 --- /dev/null +++ b/roles/wireguard/handlers/main.yml @@ -0,0 +1,5 @@ +- name: Reload systemd daemon + become: true + ansible.builtin.systemd_service: + daemon_reload: true + listen: wireguard_reload diff --git a/roles/wireguard/tasks/main.yml b/roles/wireguard/tasks/main.yml index 4deea91..f48f8cb 100644 --- a/roles/wireguard/tasks/main.yml +++ b/roles/wireguard/tasks/main.yml @@ -22,9 +22,37 @@ state: restarted when: config.changed -- name: Set up service dependencies +- name: Set up service dependencies for the interface ansible.builtin.include_role: name: systemd_depend_iface vars: systemd_depend_iface_name: '{{ wg_name }}' systemd_depend_iface_services: '{{ wg_dependent_services }}' + +- name: Create override directory for services + become: true + ansible.builtin.file: + path: '/etc/systemd/system/{{ service }}.service.d' + state: directory + owner: root + group: root + mode: '755' + loop: '{{ wg_dependent_services }}' + loop_control: + loop_var: service + +- name: Set up service dependencies for wg-quick + become: true + ansible.builtin.template: + src: depend_service_wg-quick.conf.j2 + dest: '/etc/systemd/system/{{ service }}.service.d/depend_service_wg-quick@{{ wg_name }}.conf' + owner: root + group: root + mode: '644' + notify: wireguard_reload + loop: '{{ wg_dependent_services }}' + loop_control: + loop_var: service + +- name: Reload systemd services if necessary + ansible.builtin.meta: flush_handlers diff --git a/roles/wireguard/templates/depend_service_wg-quick.conf.j2 b/roles/wireguard/templates/depend_service_wg-quick.conf.j2 new file mode 100644 index 0000000..b40e6eb --- /dev/null +++ b/roles/wireguard/templates/depend_service_wg-quick.conf.j2 @@ -0,0 +1,7 @@ +{{ ansible_managed | comment }} + +[Unit] +# This is required so that systemd actually starts the wg-quick service before +# the dependants. We also set up the actual dependency on the interface so that +# the dependants actually start after the interface is up. +After=wg-quick@{{ wg_name }}.service |