init olm role

ansible/roles/olm/handlers/main.yaml

@@ -0,0 +1,5 @@
+- name: restart olm
+  service:
+    name: olm
+    state: restarted
+    daemon_reload: true

ansible/roles/olm/tasks/main.yaml

@@ -0,0 +1,42 @@
+- name: Download and verify the olm binary
+  get_url:
+    url: "https://github.com/fosrl/olm/releases/download/{{ olm_version }}/olm_linux_amd64"
+    dest: "/usr/local/bin/olm_linux_amd64-{{ olm_version }}"
+    checksum: "{{ olm_checksum }}"
+  notify: restart olm
+
+- name: Create olm binary symlink
+  file:
+    src: "/usr/local/bin/olm_linux_amd64-{{ olm_version }}"
+    dest: "/usr/local/bin/olm"
+    state: link
+    owner: root
+    group: root
+    mode: '0755' # Permissions for the target file
+    force: yes
+  notify: restart olm
+
+- name: Create olm config directory
+  file: 
+    path: {{ olm_config_path }}
+    state: directory
+    mode: '0700'
+    owner: root
+    group: root
+
+- name: Create olm config file
+  template:
+    src: templates/config.json.j2
+    dest: {{ olm_config_path}}/config.json
+    owner: root
+    group: root
+    mode: '0600'
+
+- name: Create olm systemd service
+  template:
+    src: templates/olm.service.j2
+    dest: /etc/systemd/system/olm.service
+    owner: root
+    group: root
+    mode: '0600'
+  notify: restart olm

ansible/roles/olm/tasks/templates/config.json.j2

@@ -0,0 +1,25 @@
+{
+  "endpoint": "{{ olm_endpoint }}",
+  "id": "{{ olm_id }}",
+  "secret": "{{ olm_secret }}",
+  "org": "",
+  "userToken": "",
+  "mtu": 1280,
+  "dns": "8.8.8.8",
+  "upstreamDNS": [
+    "192.168.1.2"
+  ],
+  "interface": "olm",
+  "logLevel": "{{ olm_loglevel }}",
+  "enableApi": false,
+  "httpAddr": "",
+  "socketPath": "/var/run/olm.sock",
+  "pingInterval": "3s",
+  "pingTimeout": "5s",
+  "disableHolepunch": false,
+  "tlsClientCert": "",
+  "overrideDNS": {{ olm_override_dns }},
+  "tunnelDNS": {{ olm_tunnel_dns }},
+  "disableRelay": false,
+  "Version": "1.4.0"
+}

ansible/roles/olm/tasks/templates/olm.service.j2

@@ -0,0 +1,12 @@
+[Unit]
+Description=Olm
+After=network.target
+
+[Service]
+ExecStart=/usr/local/bin/olm 
+Restart=always
+User=root
+Environment="CONFIG_FILE={{ olm_config_path }}/config.json"
+
+[Install]
+WantedBy=multi-user.target