
# Staging directory for the release archive's extracted contents.
# Root ownership and mode 0700 keep other local users out of it.
# NOTE(review): the path under /tmp is predictable, and a directory that
# already exists is reused with whatever it holds. ansible.builtin.tempfile
# would give a freshly created, unpredictable directory - confirm whether the
# later tasks can take the path from a registered variable instead.
- name: Create temporary netbird unarchive directory
  ansible.builtin.file:
    state: directory
    path: "/tmp/netbird_{{ netbird_version }}"
    owner: root
    group: root
    mode: '0700'
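# Fetch the release tarball over HTTPS and check it against the pinned
# SHA-256 in netbird_sha256; get_url fails the task on a mismatch.
# The archive is written inside the root-only staging directory instead of
# directly under world-writable /tmp. get_url leaves an existing file in place
# when its checksum already matches, so at a predictable /tmp path the file
# that the unarchive task reads later could be one that another local user
# created and still controls.
- name: Download and verify the netbird archive
  ansible.builtin.get_url:
    url: "https://github.com/netbirdio/netbird/releases/download/v{{ netbird_version }}/netbird_{{ netbird_version }}_linux_{{ netbird_arch }}.tar.gz"
    dest: "/tmp/netbird_{{ netbird_version }}/netbird_{{ netbird_version }}_linux_{{ netbird_arch }}.tar.gz"
    checksum: "sha256:{{ netbird_sha256 }}"
    # Explicit ownership and mode, consistent with the other tasks, so the
    # result does not depend on the umask or on who created the file.
    owner: root
    group: root
    mode: '0600'
  # download_result.dest is consumed by the unarchive task.
  register: download_result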
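# Extract the checksum-verified archive into the staging directory.
- name: Unarchive netbird binary
  ansible.builtin.unarchive:
    src: "{{ download_result.dest }}"
    dest: "/tmp/netbird_{{ netbird_version }}"
    remote_src: true  # the archive is already on the managed host
    owner: root
    group: root
    # Quoted like every other mode in this file. A bare 0755 is octal only
    # under YAML 1.1 rules; other parsers and tools read it as decimal 755.
    mode: '0755'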
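# Install the extracted binary under a versioned name so that several
# releases can sit side by side; the symlink task selects the active one.
- name: Copy netbird binary to /usr/local/bin
  ansible.builtin.copy:
    src: "/tmp/netbird_{{ netbird_version }}/netbird"
    dest: "/usr/local/bin/netbird-{{ netbird_version }}"
    # Canonical boolean, matching the unarchive task; the source file is
    # read from the managed host, not from the controller.
    remote_src: true
    owner: root
    group: root
    # Root-owned and not writable by group or others, so only root can
    # replace the binary that the service runs.
    mode: '0755'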
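# Point the stable path /usr/local/bin/netbird at the versioned binary.
- name: Create netbird binary symlink
  ansible.builtin.file:
    src: "/usr/local/bin/netbird-{{ netbird_version }}"
    dest: "/usr/local/bin/netbird"
    state: link
    owner: root
    group: root
    mode: '0755'  # permissions for the target file
    # Canonical boolean instead of "yes". force lets the task replace a link
    # that still points at an older version.
    force: true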
# Let the netbird binary write its own systemd unit.
# "creates" makes the task a no-op once the unit file exists, so
# netbird_service.changed is true only on the run that installs it.
- name: Run command to generate netbird systemd unit file
  ansible.builtin.command:
    argv:
      - /usr/local/bin/netbird
      - service
      - install
    creates: /etc/systemd/system/netbird.service
  register: netbird_service
# Reload systemd's unit definitions, but only on the run in which the unit
# file was just generated. The "restart netbird" handler is defined outside
# this file.
- name: systemctl daemon-reload to pickup netbird service changes
  when: netbird_service is changed
  ansible.builtin.systemd_service:
    daemon_reload: true
  notify: restart netbird
# Make sure the daemon is running now and starts at boot.
# NOTE(review): daemon_reload is not a documented option of the generic
# service module; presumably it is passed through to the systemd backend on
# systemd hosts - confirm, or switch to ansible.builtin.systemd_service.
- name: Start and enable netbird service
  ansible.builtin.service:
    name: netbird
    enabled: true
    state: started
    daemon_reload: true
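# Enrol this host with the management server using the setup key.
# The setup key is an enrolment credential, so no_log keeps it out of task
# output, callback logs and failure messages. argv passes the key as exactly
# one argument, so whitespace or quotes in the variable cannot turn into
# extra command-line options.
# NOTE(review): the key is still visible in the process argument list while
# the command runs, and this task runs on every play. Confirm that repeating
# "netbird up" on an enrolled host is harmless, and that netbird_setup_key is
# supplied from an encrypted source such as Ansible Vault.
- name: Run netbird up with setup key
  ansible.builtin.command:
    argv:
      - /usr/local/bin/netbird
      - up
      - --setup-key
      - "{{ netbird_setup_key }}"
      - --management-url
      - 'https://netbird.jthan.io:443'
  no_log: true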
# Define a dedicated permanent firewalld zone for the overlay network.
# The "restart firewalld" handler is defined outside this file.
- name: Create netbird firewalld zone
  ansible.posix.firewalld:
    permanent: true
    state: present
    zone: netbird
  notify: restart firewalld
# Set the zone's default target to ACCEPT: packets that land in this zone
# are accepted without any per-service or per-port rule.
# NOTE(review): host-level filtering for the overlay is effectively off with
# this target, so access control presumably rests on the NetBird policies
# configured on the management server - confirm that is intended.
- name: Set netbird zone target to ACCEPT
  ansible.posix.firewalld:
    permanent: true
    state: present
    zone: netbird
    target: ACCEPT
  notify: restart firewalld
# Bind the wt0 interface to the netbird zone, so traffic arriving on wt0 is
# handled by that zone's rules (its target is set to ACCEPT in this file).
# NOTE(review): wt0 is hard-coded; confirm it matches the interface name the
# netbird client is configured to create on these hosts.
- name: Add netbird interface to netbird zone
  ansible.posix.firewalld:
    permanent: true
    state: enabled
    zone: netbird
    interface: wt0
  notify: restart firewalld