Init

2021-11-10 17:47:51 +00:00 · 2021-11-10 17:47:51 +00:00 · 452f4bef14
commit 452f4bef14
10 changed files with 110 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,3 @@
+wg genkey
+
+echo `wg genkey` | wg pubkey
--- a/ansible.cfg
+++ b/ansible.cfg
@ -0,0 +1,3 @@
+# ansible.cfg
+[defaults]
+inventory = inventory
--- a/7
+++ b/7
@ -0,0 +1,7 @@
+# inventory/hosts
+
+[vpns]
+test_vpn ansible_host=195.140.147.45 ansible_ssh_user=root
+
+[all:vars]
+ansible_python_interpreter=/usr/bin/python3
--- a/playbook.yml
+++ b/playbook.yml
@ -0,0 +1,11 @@
+---
+- hosts: vpns
+  roles:
+    - docker
+    - wireguard
+    - openvpn
+    - nyancat
+  vars:
+    wg_pubkey: PHww02NctXHyNM8Jf/n/QzhL07VXbFYxuUsq6OAXHFc=
+    wg_privkey: uDUNwltNneDXvurpw/yZGpTfL+Vfcp7GX6BmOFbNBXg=
+    wg_port: 40124
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@ -0,0 +1,14 @@
+---
+- name: Install docker
+  apt:
+    name: ['docker.io', 'docker-compose']
+    state: present
+    update_cache: yes
+- name: Run mtproto container
+  community.docker.docker_container:
+    name: mtproto-telegram
+    state: present
+    image: telegrammessenger/proxy
+    ports:
+      - '443:443'
+
--- a/roles/nyancat/files/nyancat-tty.service
+++ b/roles/nyancat/files/nyancat-tty.service
@ -0,0 +1,17 @@
+[Unit]
+Description=nyancat on tty1
+After=graphical.target
+
+[Service]
+Type=simple
+ExecStartPre=/bin/sleep 5
+ExecStart=/usr/bin/nyancat -snI
+ExecStop=/bin/kill -HUP ${MAINPID}
+StandardInput=tty
+StandardOutput=tty
+TTYPath=/dev/tty1
+Restart=always
+RestartSec=2
+
+[Install]
+WantedBy=graphical.target
--- a/roles/nyancat/tasks/main.yml
+++ b/roles/nyancat/tasks/main.yml
@ -0,0 +1,28 @@
+---
+- name: Install nyancat
+  apt:
+    name: nyancat
+    state: present
+  when: ansible_facts['os_family'] == "Debian"
+
+- name: Install nyancat unit
+  copy:
+    src: files/nyancat-tty.service
+    dest: /etc/systemd/system/nyancat-tty.service
+
+- name: Disable tty
+  systemd:
+    name: "{{ item }}"
+    enabled: no
+    state: stopped
+  loop:
+    - getty
+    - getty@tty1
+  ignore_errors: True
+
+- name: Install nyancat unit
+  systemd:
+    name: nyancat-tty
+    enabled: yes
+    state: started
+    daemon_reload: yes
--- a/roles/openvpn/tasks/main.yml
+++ b/roles/openvpn/tasks/main.yml
--- a/roles/wireguard/tasks/main.yml
+++ b/roles/wireguard/tasks/main.yml
@ -0,0 +1,23 @@
+---
+- name: install wg packages
+  apt: 
+    name: ['wireguard','wireguard-tools']
+    state: present
+
+- name: install wg hub config
+  template:
+    src: templates/wghub.conf.j2
+    dest: /etc/wireguard/wghub.conf
+
+- name: enable and persist ip forwarding
+  sysctl:
+    name: net.ipv4.ip_forward
+    value: "1"
+    state: present
+    sysctl_set: yes
+    reload: yes
+- name: start and enable wireguard
+  systemd:
+    name: wg-quick@wghub
+    enabled: yes
+    state: started
--- a/roles/wireguard/templates/wghub.conf.j2
+++ b/roles/wireguard/templates/wghub.conf.j2
@ -0,0 +1,4 @@
+[Interface]
+Address = 10.205.101.1/24
+ListenPort = {{ wg_port }}
+PrivateKey = {{ wg_privkey }}