From 3312477cc85acfe818785df99c05e084b04a34ee Mon Sep 17 00:00:00 2001
From: poulpe <poulpe@localhost.localdomain>
Date: Sat, 8 Apr 2023 15:38:37 +0200
Subject: [PATCH] [Update+fix] Fix wireguard startup + fix nginx config
---
Config_Wireguard.yml | 62 +++++++++++++++++++----
templates/nginx_config_template.j2 | 14 ++---
templates/wireguard_config_template_H2.j2 | 6 ---
3 files changed, 58 insertions(+), 24 deletions(-)
diff --git a/Config_Wireguard.yml b/Config_Wireguard.yml
index 8746656..9ace910 100644
--- a/Config_Wireguard.yml
+++ b/Config_Wireguard.yml
@@ -63,8 +63,10 @@
cmd: "ip r add default nexthop via 10.0.2.2"
# check_mode: yes
- - name: Install nginx and Wireguard
+ - name: Install update for install other programs
ansible.builtin.apt:
+ cache_valid_time: 86400
+ upgrade: yes
update_cache: yes
# check_mode: yes
@@ -75,6 +77,7 @@
- wireguard
- wireguard-tools
- iptables
+ - curl
state: present
# check_mode: yes
- name: Remove internet to host
@@ -86,23 +89,36 @@
hosts: H2
become: true
tasks:
+ - name: Setup VPN Wireguard H2
+ ansible.builtin.template:
+ src: ./templates/wireguard_config_template_H2.j2
+ dest: /etc/wireguard/wg0.conf
+ mode: 0640
+ notify: wg-quick
+
- name: Setup page of nginx
ansible.builtin.template:
src: ./templates/index_template.j2
- dest: /var/www/index.html
- mode: 0640
+ dest: /var/www/html/index.html
+ mode: 0777
- name: Setup config of nginx
ansible.builtin.template:
src: ./templates/nginx_config_template.j2
- dest: /etc/nginx/sites-enabled/web_site
+ dest: /etc/nginx/sites-available/default
mode: 0640
+ notify: Restart nginx
- - name: Setup VPN Wireguard H2
- ansible.builtin.template:
- src: ./templates/wireguard_config_template_H2.j2
- dest: /etc/wireguard/wg0.conf
- mode: 0640
+ handlers:
+ - name: wg-quick
+ ansible.builtin.shell:
+ cmd: "wg-quick up wg0 2>/dev/null"
+
+ - name: Restart nginx
+ ansible.builtin.service:
+ name: nginx
+ state: restarted
+ enabled: yes
- name: Setup index.html on H2
hosts: H1
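Review bot: `upgrade: yes` in the apt task upgrades every installed package on each run, so the outcome depends on the mirror's state at run time and the task reports changed every time; the task name suggests only a cache refresh before installing the other packages was intended, and `update_cache: yes` with `cache_valid_time: 86400` already provides that. If a full upgrade is really wanted, give it a task of its own whose name says so. In either case write the booleans as `true`/`false` (`update_cache: true`): the `yes` spelling is a YAML 1.1 form that ansible-lint's truthy rule flags, and the same applies to `enabled: yes` in the nginx handler added further down this file.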
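Review bot: `mode: 0777` on the rendered `/var/www/html/index.html` makes the served page world-writable, so any local account on H2 can rewrite what nginx delivers; nginx only needs to read it, and `mode: "0644"` (quoted, as the template module documents for octal modes, which also applies to the two `0640` values) is enough. The new `wg-quick` handler is also not safe to re-run: `wg-quick up` exits non-zero when wg0 already exists, so the second run of the play fails at the handler, and `2>/dev/null` hides the reason without changing the result. Managing the tunnel through the `wg-quick@wg0` systemd unit is idempotent and also brings it up at boot, which the shell call does not; the same shell handler is duplicated for H1 in the next hunk (@@ -113) and should get the same treatment. The handlers section is complete within this hunk.
```yaml
  handlers:
    - name: wg-quick
      ansible.builtin.systemd:
        name: wg-quick@wg0
        state: restarted
        enabled: true
    # … unchanged: Restart nginx handler …
```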
@@ -113,14 +129,38 @@
src: ./templates/wireguard_config_template_H1.j2
dest: /etc/wireguard/wg0.conf
mode: 0640
+ notify: wg-quick
+
+ handlers:
+ - name: wg-quick
+ ansible.builtin.shell:
+ cmd: "wg-quick up wg0 2>/dev/null"
- name: Start wireguard for all hosts
hosts: hotes
become: true
tasks:
- - name: Start wg-quick
+ # - name: Start wg-quick
+ # ansible.builtin.shell:
+ # cmd: "wg-quick up wg0 2>/dev/null"
+ - name: Make curl to web server
ansible.builtin.shell:
- cmd: "wg-quick up wg0"
+ cmd: "curl http://10.0.0.1:80/index.html > index.html"
+
+- name: Test connectivity from H1 to H2
+ hosts: H1
+ tasks:
+ - name: Ping form H1 to H2
+ ansible.builtin.shell: "ping 10.0.0.1 -c 1"
+
+ - name: Check connectivity using curl
+ shell: "curl 10.0.0.1"
+ register: result
+ ignore_errors: true
+
+ - name: Print result
+ debug:
+ msg: "Connectivity test {{ 'succeeded' if result.rc == 0 else 'failed' }}."
...
\ No newline at end of file
diff --git a/templates/nginx_config_template.j2 b/templates/nginx_config_template.j2
index e1faa53..f9ebd9c 100644
--- a/templates/nginx_config_template.j2
+++ b/templates/nginx_config_template.j2
@@ -1,11 +1,11 @@
server {
- listen 10.0.0.0:80;
- listen 127.0.0.1:80;
+ listen 10.0.0.1:80;
+ server_name H2;
- server_name internal_web_site;
+ root /var/www/html;
+ index index.html;
- location / {
- root /var/www/;
- index index.html;
- }
+ location / {
+ try_files $uri $uri/ =404;
+ }
}
\ No newline at end of file
diff --git a/templates/wireguard_config_template_H2.j2 b/templates/wireguard_config_template_H2.j2
index 15de7a8..7d292b6 100644
--- a/templates/wireguard_config_template_H2.j2
+++ b/templates/wireguard_config_template_H2.j2
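Review bot: The `Make curl to web server` task runs `curl http://10.0.0.1:80/index.html > index.html` through the shell module, so it writes `index.html` into the become user's working directory on every host in `hotes`, reports changed on every run, and, because curl only fails on transport errors, a 404 page is saved and counted as success. If the fetch is meant as a check, `ansible.builtin.get_url` or `ansible.builtin.uri` with `status_code: 200` expresses that directly; at minimum add `--fail` to the curl call and `changed_when: false` to the task. The three commented-out lines of the old `Start wg-quick` task should be removed rather than kept, and `shell:`/`debug:` in the new test play should use the fully qualified `ansible.builtin.` names the rest of the file uses. In that test play the ping task has no `ignore_errors`, so an unreachable H2 aborts the play before the `Print result` message is shown, which presumably is the case the message was meant to report.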
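Review bot: `listen 10.0.0.1:80;` binds only the WireGuard address, so nginx can only start once wg0 carries that address; a restart triggered before the tunnel is up fails with a bind error (the `Restart nginx` handler in Config_Wireguard.yml runs after `wg-quick`, but only if that handler succeeds), and at boot nginx.service has no ordering relation to wg-quick@wg0 unless one is added. Either keep a loopback listener for local checks, set the `net.ipv4.ip_nonlocal_bind=1` sysctl so the bind succeeds before the address exists, or add a systemd drop-in ordering nginx `After=wg-quick@wg0.service`. The template also contains no Jinja expression, so the address and `server_name H2;` are hard-coded copies of values the playbook already knows; rendering them from variables would keep this file and the playbook from drifting apart.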
@@ -2,12 +2,6 @@
Address = 10.0.0.1/24
PrivateKey = {{ keys["H2PRIV"] }}
ListenPort = 51820
-{# PostUp = nft -f nft.sh %i #}
-{# PostUp = nft add rule ip nat POSTROUTING oifname "eth0" counter masquerade;nft add rule ip filter FORWARD iifname "eth0" counter accept
-PostDown = nft del rule ip nat POSTROUTING oifname "eth0" counter masquerade;nft del rule ip filter FORWARD iifname "eth0" counter accept #}
-PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
-PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
-
[Peer]
PublicKey = {{ keys["H1PUB"] }}
--
GitLab