From 671f7b52ee039454ab0fa1e6602835b1dd74421e Mon Sep 17 00:00:00 2001
From: ace <ace@0xace.cc>
Date: Wed, 3 Apr 2024 18:14:20 +0300
Subject: [PATCH] add Debian support

---
 tasks/Debian/main.yaml              |  7 +++
 tasks/Debian/podman.yaml            | 71 +++++++++++++++++++++++++++++
 tasks/Debian/wireguard_install.yaml | 14 ++++++
 tasks/RedHat/podman.yaml            |  1 +
 tasks/main.yaml                     |  4 +-
 5 files changed, 94 insertions(+), 3 deletions(-)
 create mode 100644 tasks/Debian/podman.yaml
 create mode 100644 tasks/Debian/wireguard_install.yaml

diff --git a/tasks/Debian/main.yaml b/tasks/Debian/main.yaml
index e69de29..99717e3 100644
--- a/tasks/Debian/main.yaml
+++ b/tasks/Debian/main.yaml
@@ -0,0 +1,7 @@
+- name: "Include WireGuard install"
+  include_tasks: wireguard_install.yaml
+  when: wireguard_install
+
+- name: "Include WireGuard UI install with podman"
+  include_tasks: podman.yaml
+  when: wireguard_ui_container_engine == 'podman'
diff --git a/tasks/Debian/podman.yaml b/tasks/Debian/podman.yaml
new file mode 100644
index 0000000..5afb6ec
--- /dev/null
+++ b/tasks/Debian/podman.yaml
@@ -0,0 +1,71 @@
+- name: Install WireGuard UI with container
+  block:
+    - name: Login to image registries with podman
+      containers.podman.podman_login:
+        registry: '{{ item.key }}'
+        username: '{{ item.value.username }}'
+        password: '{{ item.value.password }}'
+      become: true
+      no_log: true
+      changed_when: False
+      loop: '{{ wireguard_ui_container_registry_auth | dict2items }}'
+      when: wireguard_ui_container_registry_auth is defined
+
+    - name: Create configuration dir and subdirs for WireGuard UI
+      file:
+        name: "{{ item }}"
+        state: directory
+      loop:
+        - "{{ wireguard_ui_config_dir }}"
+        - "{{ wireguard_ui_config_dir }}/server"
+        - "{{ wireguard_ui_config_dir }}/users"
+
+    - name: Force login and password change for first admin user
+      template:
+        dest: "{{ wireguard_ui_config_dir }}/users/admin.json"
+        src: admin.json.j2
+      register: wireguard_ui_auth
+      notify: Restart WireGuard UI with podman
+
+    - name: Create WireGuard UI with podman
+      containers.podman.podman_container:
+        name: "{{ wireguard_ui_container_name }}"
+        hostname: "{{ wireguard_ui_container_name }}"
+        network_mode: "{{ wireguard_ui_network_mode }}"
+        image: "{{ wireguard_ui_container_registry }}/{{ wireguard_ui_image_name }}:{{ wireguard_ui_image_tag }}"
+        state: created
+        cap_add:
+          - NET_ADMIN
+        env: "{{ wireguard_ui_combined_env }}"
+        volumes: "{{ wireguard_ui_volumes }}"
+      register: wireguard_ui_container
+      notify: Restart WireGuard UI with podman
+
+    - name: Generate container systemd unit
+      shell: "podman generate systemd {{ wireguard_ui_container_name }}"
+      register: wireguard_ui_systemd_unit
+      changed_when: False
+
+    - name: Create WireGuard UI systemd unit
+      copy:
+        dest: "/etc/systemd/system/{{ wireguard_ui_systemd_unit_name }}"
+        content: "{{ wireguard_ui_systemd_unit.stdout | regex_replace('^#.*', multiline=True) | trim }}"
+
+    - name: Create WireGuard UI systemd watcher unit
+      template:
+        dest: "/etc/systemd/system/{{ wireguard_ui_watcher_systemd_service_unit_name }}"
+        src: wireguard-ui-watcher.service.j2
+
+    - name: Create WireGuard UI systemd watcher path
+      template:
+        dest: "/etc/systemd/system/{{ wireguard_ui_watcher_systemd_path_unit_name }}"
+        src: wireguard-ui-watcher.path.j2
+
+    - name: Logout from image registries
+      containers.podman.podman_logout:
+        registry: '{{ item.key }}'
+      become: true
+      no_log: true
+      changed_when: False
+      loop: '{{ wireguard_ui_container_registry_auth | dict2items }}'
+      when: wireguard_ui_container_registry_auth is defined
diff --git a/tasks/Debian/wireguard_install.yaml b/tasks/Debian/wireguard_install.yaml
new file mode 100644
index 0000000..ac8fb28
--- /dev/null
+++ b/tasks/Debian/wireguard_install.yaml
@@ -0,0 +1,14 @@
+- name: Install wireguard for Debain 12
+  block:
+  - name: Install wireguard packages
+    apt:
+      name: 
+        - wireguard-tools
+      state: present
+      update_cache: yes
+
+- name: Enable wg-quick systemd unit
+  systemd:
+    name: wg-quick@{{ wireguard_ui_combined_env['WGUI_CONFIG_FILE_PATH'] | basename | split('.') | first }}
+    enabled: yes
+    daemon_reload: yes
diff --git a/tasks/RedHat/podman.yaml b/tasks/RedHat/podman.yaml
index 1ee126c..5afb6ec 100644
--- a/tasks/RedHat/podman.yaml
+++ b/tasks/RedHat/podman.yaml
@@ -18,6 +18,7 @@
       loop:
         - "{{ wireguard_ui_config_dir }}"
         - "{{ wireguard_ui_config_dir }}/server"
+        - "{{ wireguard_ui_config_dir }}/users"
 
     - name: Force login and password change for first admin user
       template:
diff --git a/tasks/main.yaml b/tasks/main.yaml
index 87d8aca..c5592e1 100644
--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@@ -34,6 +34,7 @@
     masked: no
   loop:
     - "{{ wireguard_ui_systemd_unit_name }}"
+  tags: wireguard_ui_start
       
 - name: Enable WireGuard UI watcher services
   systemd:
@@ -54,6 +55,3 @@
     masked: no
   loop:
     - "{{ wireguard_ui_watcher_systemd_path_unit_name }}"
-
-  tags: wireguard_ui_start
-