- Add new Ansible role `wireguard` to set up WireGuard VPN server on DB node with key generation, firewalld rules, and client peer config.
- Introduce `pg-proxy` and `mongo-proxy` socat containers in db_stack to expose PostgreSQL (15432) and MongoDB (17017) on host ports, restricted to WireGuard subnet via firewalld.
- Update test environment group_vars with WireGuard client entry for `murat-inspiron-15-3525`.
- Modify act_runner config: set `docker_host` to unix socket, remove explicit socket mount from options, and change runner label image to `catthehacker/ubuntu:act-22.04`.
- Open UDP port 51820 in Hetzner firewall for WireGuard inbound.
- Adjust test-db-post-stack playbook to include wireguard role (tagged).
- Update roadmap document with APISIX init step order.
6 lines
125 B
YAML
---
|
|
- name: restart wireguard
|
|
ansible.builtin.systemd:
|
|
name: "wg-quick@{{ wireguard_interface }}"
|
|
state: restarted
|
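Review bot: `state: restarted` in the `restart wireguard` handler takes `wg-quick@{{ wireguard_interface }}` down and brings it back up, so every change that notifies this handler drops all established tunnels on the interface, not only the peer that changed. If the peer-config tasks notify it, consider a second, reload-style handler that applies the new configuration in place (for example `wg syncconf` fed by `wg-quick strip`) and reserve the full restart for interface-level changes such as the address or listen port. Minor style point: ansible-lint's default rules expect handler names to start with a capital letter (`Restart wireguard`); if the name is changed, every matching `notify:` has to change with it.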