ver.1

Dockerfile

@@ -2,8 +2,6 @@ FROM ubuntu:22.04
 
 ARG TERRAFORM_VERSION=1.3.7
 
-ENV DO_TOKEN
-
 RUN apt-get update && DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get install -y \
   git \
   ansible \
@@ -15,8 +13,12 @@ RUN wget --quiet https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/t
   && mv terraform /usr/bin \
   && rm terraform_${TERRAFORM_VERSION}_linux_amd64.zip
 
-WORKDIR wireguard_vpn
+WORKDIR "/opt/vpnius"
+
+RUN mkdir -p config
 
 COPY . .
 
-CMD ["bin/bash"]
+ENTRYPOINT ["/usr/bin/terraform"]
+
+CMD ["apply", "-auto-approve"]

README.md

@@ -3,6 +3,7 @@
 ### Supported platforms
 
 - [x] Digital ocean
+- [ ] AWS
 - [ ] Yandex Cloud
 - [ ] Selectel
 
@@ -15,16 +16,23 @@
 #### Digital ocean
 
 1. Sign up in [Digital ocean](https://m.do.co/c/d461fa06b15a)
-2. Go to [tokens](https://cloud.digitalocean.com/account/api/tokens) page and create new tokens
-3. Generate SSH key if don't have one
-4. Run the command below
+2. Go to [tokens](https://cloud.digitalocean.com/account/api/tokens) page and create new token
+4. Run the following command
+
+You can configure vpn with ENV varialbes:
+
+|Name|Description|Default|
+|---|---|---|
+|TF_VAR_region| Region where vpn will be setup | ams3 |
+|TF_VAR_wireguard_peers| How many configs you need. Comma-separated names | laptop |
 
 ```
 docker run --rm \
-  -e REGION=Germany
-  -e TOKEN=YOUR_DO_TOKEN
-  k0va1/wireguard_vpn
-```
+  -e TF_VAR_do_token=your_token \
+  -e TF_VAR_wireguard_peers=laptop,phone
+  -v `pwd`:/opt/vpnius/config
+  hetsketch/vpnius:latest
+  ```
 
 5. Install Wireguard client on your mobile/laptop
 6. Import config to client
@@ -34,5 +42,9 @@ docker run --rm \
 
 - [x] Terraform template
 - [x] Ansible playbook
-- [] Dockerize script
-- [] Imporove README
+- [ ] Dockerize script
+- [ ] Imporove README
+- [ ] AWS support
+- [ ] Yandex support
+- [ ] Selectel support
+- [ ] OpenVPN support

main.tf

@@ -37,7 +37,7 @@ resource "digitalocean_droplet" "wireguard" {
   }
 
   provisioner "local-exec" {
-    command = "ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u root -i '${self.ipv4_address},' --private-key id_rsa.pem playbook.yml"
+    command = "ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u root -i '${self.ipv4_address},' -e 'wireguard_peers=${var.wireguard_peers}' --private-key id_rsa.pem playbook.yml"
   }
 }
 

roles/wireguard/tasks/main.yml

@@ -108,14 +108,16 @@
     patterns: "peer_*.conf,peer_*.png"
   register: files_to_copy
 
-- name: Print
-  ansible.builtin.debug:
-    msg:
-    - "Files {{files_to_copy}}"
+- name: Chanage files permissions to 777
+  ansible.builtin.file:
+    path: "{{ item.path }}"
+    owner: "{{user}}"
+    mode: '0777'
+  with_items: "{{ files_to_copy.files }}"
 
 - name: Copy files to local machine
   fetch:
     src: "{{ item.path }}"
-    dest: "~"
+    dest: "{{local_wireguard_config_folder}}"
     flat: yes
   with_items: "{{ files_to_copy.files }}"

roles/wireguard/vars/main.yml

@@ -1,6 +1,7 @@
 ---
-user: "wireguard"
-wireguard_config_folder: "/opt/wireguard-server/config"
+user: "vpnius"
 services_folder: "/home/{{user}}/services"
+wireguard_config_folder: "/opt/{{user}}/config"
+local_wireguard_config_folder: "/opt/{{user}}/config/"
 wireguard_port: "51820"
 wireguard_peers: "laptop" # comma separated peers without spaces

variable.tf

@@ -1,3 +1,9 @@
+variable "wireguard_peers" {
+  type = string
+  description = "List of comma-separated peers"
+  default = "laptop"
+}
+
 variable "do_token" {
   type = string
   description = "Digital Ocean token"
@@ -18,7 +24,7 @@ variable "image" {
 variable "name" {
   type = string
   description = "Service name"
-  default = "wireguard-vpn"
+  default = "vpnius"
 }
 
 variable "size" {