dn42-ansible/yggdrasil.yml

- hosts: routers
  remote_user: root
  tasks:
    - name: fetch gpg key locally
      ansible.builtin.command: gpg --fetch-keys https://neilalexander.s3.dualstack.eu-west-2.amazonaws.com/deb/key.txt
      delegate_to: 127.0.0.1
      run_once: true
    - name: export gpg key
      ansible.builtin.command: gpg --output yggdrasil/yggdrasil-keyring.gpg --export BC1BF63BD10B8F1A
      delegate_to: 127.0.0.1
      run_once: true
    - name: See if it's possible to run yggdrasil
      ansible.builtin.stat:
        path: /dev/net/tun
      register: can_use_tun
    - name: Create /usr/local/apt-keys on debian hosts
      ansible.builtin.file:
        path: /usr/local/apt-keys
        state: directory
        mode: '0755'
      when: ansible_distribution == 'Debian' and can_use_tun.stat.exists == True
    - name: add dirmngr on debian hosts
      ansible.builtin.apt:
        name: dirmngr
        state: latest
      when: ansible_distribution == 'Debian' and can_use_tun.stat.exists == True
    - name: Copy gpg keyring to debian hosts
      ansible.builtin.copy:
        src: yggdrasil/yggdrasil-keyring.gpg
        dest: /usr/local/apt-keys/yggdrasil-keyring.gpg
        mode: '0644'
      when: ansible_distribution == 'Debian' and can_use_tun.stat.exists == True
    - name: Copy yggdrasil sources list list to debian hosts
      ansible.builtin.copy:
        src: yggdrasil/debian-list.txt
        dest: /etc/apt/sources.list.d/yggdrasil.list
        mode: '0644'
      when: ansible_distribution == 'Debian' and can_use_tun.stat.exists == True
    - name: add yggdrasil on arch systems
      ansible.builtin.pacman:
        name: yggdrasil
        state: present
      when: ansible_distribution == 'Archlinux' and can_use_tun.stat.exists == True
    - name: add yggdrasil on debian systems
      ansible.builtin.apt:
        update_cache: yes
        cache_valid_time: 1
        name: yggdrasil
        state: present
      when: ansible_distribution == 'Debian' and can_use_tun.stat.exists == True
Add zerotier and yggdrasil 2024-12-22 06:41:16 +00:00			`- hosts: routers`
			`remote_user: root`
			`tasks:`
			`- name: fetch gpg key locally`
			`ansible.builtin.command: gpg --fetch-keys https://neilalexander.s3.dualstack.eu-west-2.amazonaws.com/deb/key.txt`
			`delegate_to: 127.0.0.1`
			`run_once: true`
			`- name: export gpg key`
			`ansible.builtin.command: gpg --output yggdrasil/yggdrasil-keyring.gpg --export BC1BF63BD10B8F1A`
			`delegate_to: 127.0.0.1`
			`run_once: true`
			`- name: See if it's possible to run yggdrasil`
			`ansible.builtin.stat:`
			`path: /dev/net/tun`
			`register: can_use_tun`
			`- name: Create /usr/local/apt-keys on debian hosts`
			`ansible.builtin.file:`
			`path: /usr/local/apt-keys`
			`state: directory`
			`mode: '0755'`
			`when: ansible_distribution == 'Debian' and can_use_tun.stat.exists == True`
			`- name: add dirmngr on debian hosts`
			`ansible.builtin.apt:`
			`name: dirmngr`
			`state: latest`
			`when: ansible_distribution == 'Debian' and can_use_tun.stat.exists == True`
			`- name: Copy gpg keyring to debian hosts`
			`ansible.builtin.copy:`
			`src: yggdrasil/yggdrasil-keyring.gpg`
			`dest: /usr/local/apt-keys/yggdrasil-keyring.gpg`
			`mode: '0644'`
			`when: ansible_distribution == 'Debian' and can_use_tun.stat.exists == True`
			`- name: Copy yggdrasil sources list list to debian hosts`
			`ansible.builtin.copy:`
			`src: yggdrasil/debian-list.txt`
			`dest: /etc/apt/sources.list.d/yggdrasil.list`
			`mode: '0644'`
			`when: ansible_distribution == 'Debian' and can_use_tun.stat.exists == True`
			`- name: add yggdrasil on arch systems`
			`ansible.builtin.pacman:`
			`name: yggdrasil`
			`state: present`
			`when: ansible_distribution == 'Archlinux' and can_use_tun.stat.exists == True`
			`- name: add yggdrasil on debian systems`
			`ansible.builtin.apt:`
			`update_cache: yes`
			`cache_valid_time: 1`
			`name: yggdrasil`
			`state: present`
			`when: ansible_distribution == 'Debian' and can_use_tun.stat.exists == True`