[CODE] add tasks

tasks/distribute.yml

@@ -0,0 +1,13 @@
+---
+# Tinc VPN Hostfile Distribution
+
+- name: Distribute - Set different base dir for macOS
+  set_fact:
+    tinc_base_dir: /usr/local/etc/tinc
+  when: (override_os_family is defined) | ternary(override_os_family,ansible_os_family) == "Darwin"
+
+- name: Distribute - Copy hostfiles to targets
+  become: yes
+  copy:
+    src: "{{ role_path }}/files/tmp/"
+    dest: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/hosts/"

tasks/main.yml

@@ -1,2 +1,93 @@
 ---
-# tasks file for tinc
+# Tinc VPN Setup and Configuration
+
+- name: Main - Set different base dir for macOS
+  set_fact:
+    tinc_base_dir: /usr/local/etc/tinc
+  when: (override_os_family is defined) | ternary(override_os_family,ansible_os_family) == "Darwin"
+
+- name: Main - Install tinc
+  include_tasks: "{{ item }}"
+  with_first_found:
+    - "setup-{{ ansible_distribution }}.yml"
+    - "setup-{{ (override_os_family is defined) | ternary(override_os_family,ansible_os_family) }}.yml"
+
+
+- name: Main - Create tinc directories
+  become: yes
+  file:
+    path: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/hosts"
+    state: directory
+    mode: '0755'
+
+- name: Main - Create new host keypair
+  become: yes
+  shell: |
+    export PATH=/usr/local/sbin:/usr/local/bin:$PATH
+    tincd -n {{ tinc_vpn_id }} -K4096
+  args:
+    chdir: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}"
+    creates: rsa_key.priv
+
+- name: Main - Create config
+  become: yes
+  template:
+    src: "{{ role_path }}/templates/tinc.conf.j2"
+    dest: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/tinc.conf"
+
+- name: Main - Fetch public key
+  become: yes
+  fetch:
+    src: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/rsa_key.pub"
+    dest: "{{ role_path }}/templates/tmp/rsa_key-{{ ansible_hostname }}.pub"
+    flat: yes
+
+- name: Main - Create own hostfile
+  become: yes
+  template:
+    src: "{{ role_path }}/templates/hostfile.j2"
+    dest: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/hosts/{{ ansible_hostname }}"
+
+
+- name: Main - Create tinc-up script
+  become: yes
+  template:
+    src: "{{ role_path }}/templates/tinc-up.j2"
+    dest: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/tinc-up"
+    mode: '0755'
+
+- name: Main - Create tinc-down script
+  become: yes
+  template:
+    src: "{{ role_path }}/templates/tinc-down.j2"
+    dest: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/tinc-down"
+    mode: '0755'
+
+
+- name: Tinc - Fetch all hostfiles
+  become: yes
+  fetch:
+    src: "{{ tinc_base_dir }}/{{ tinc_vpn_id }}/hosts/{{ ansible_hostname }}"
+    dest: "{{ role_path }}/files/tmp/{{ ansible_hostname }}"
+    flat: yes
+
+
+- name: "Main - Enable {{ tinc_vpn_id }}"
+  become: yes
+  block:
+    - name: "Main - Enable {{ tinc_vpn_id }} in tinc config"
+      lineinfile:
+        name: "{{ tinc_base_dir }}/nets.boot"
+        line: "{{ tinc_vpn_id }}"
+        create: yes
+    - name: "Main - Enable and restart tinc service"
+      systemd:
+        name: tinc
+        state: restarted
+        enabled: yes
+    - name: "Main - Enable and restart tinc@{{ tinc_vpn_id }} service"
+      systemd:
+        name: "tinc@{{ tinc_vpn_id }}"
+        state: restarted
+        enabled: yes
+  when: inventory_hostname != 'localhost'

tasks/setup-Darwin.yml

@@ -0,0 +1,10 @@
+---
+# Tinc/Setup: Install tinc application - macOS Version
+
+- name: Setup - Install
+  package:
+    name: "{{ packages }}"
+    state: present
+  vars:
+    packages:
+    - tinc

tasks/setup-Debian.yml

@@ -0,0 +1,11 @@
+---
+# Tinc/Setup: Install tinc application - Debian Version
+
+- name: Setup - Install
+  become: yes
+  apt:
+    name: "{{ packages }}"
+    state: present
+  vars:
+    packages:
+    - tinc