Ansible role to install and configure a Firezone gateway.
Building and improving this Ansible role have been sponsored by my current and previous employers like Cloudpunks GmbH and Proact Deutschland GmbH.
- Requirements
- Default Variables
- firezone_gateway_caps
- firezone_gateway_devices
- firezone_gateway_ident
- firezone_gateway_image
- firezone_gateway_log_level
- firezone_gateway_name
- firezone_gateway_network
- firezone_gateway_no_telemetry
- firezone_gateway_num_tun_threads
- firezone_gateway_pull_image
- firezone_gateway_sysctls
- firezone_gateway_token
- firezone_gateway_version
- Discovered Tags
- Dependencies
- License
- Author
- Minimum Ansible version: 2.10
List of capability settings
firezone_gateway_caps:
- NET_ADMIN

List of required devices
firezone_gateway_devices:
- /dev/net/tun:/dev/net/tun

Identifier of the Firezone gateway
firezone_gateway_ident:

Docker image to use and run
firezone_gateway_image: ghcr.io/firezone/gateway:{{ firezone_gateway_version }}

Log level of the Firezone gateway
firezone_gateway_log_level: info

Name of the Firezone gateway
firezone_gateway_name: '{{ inventory_hostname }}'

A Docker network to assign the container
firezone_gateway_network:

Disable telemetry collection
firezone_gateway_no_telemetry: false

Number of TUN threads
firezone_gateway_num_tun_threads: 1

Pull image as part of the tasks
firezone_gateway_pull_image: true

List of sysctl settings
firezone_gateway_sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
- net.ipv6.conf.all.disable_ipv6=0
- net.ipv6.conf.all.forwarding=1
- net.ipv6.conf.default.forwarding=1

Token of the Firezone gateway
firezone_gateway_token:

Version of the Docker image
firezone_gateway_version: 1.5.0

firezone-gateway
Apache-2.0