/
/
/
Ansible role that deploys my connectivity device.
1# Connectivity
2
3Network gateway stack: WireGuard VPN, Nginx Proxy Manager, Pi-hole DNS, and DDNS.
4
5## Key Parameters
6
7| Variable | Default | Description |
8|----------|---------|-------------|
9| `connectivity_wireguard_enabled` | `true` | Deploy WireGuard VPN server |
10| `connectivity_pihole_enabled` | `true` | Deploy Pi-hole + Unbound DNS |
11| `connectivity_npm_enabled` | `true` | Deploy Nginx Proxy Manager |
12| `connectivity_ddns_enabled` | `true` | Deploy Cloudflare DDNS updater |
13| `connectivity_wireguard_port` | `51820` | WireGuard listen port |
14| `connectivity_pihole_webport` | `8080` | Pi-hole admin UI port |
15| `connectivity_wg_network` | `10.20.0.0/24` | WireGuard tunnel subnet |
16| `vault_wireguard_*` | (vault) | WireGuard private keys and peer configs |
17| `vault_pihole_password` | (vault) | Pi-hole admin password |
18
19## Workflow
20
211. Create Docker base directory and networks (`wg`, `dns`)
222. Deploy WireGuard server with DNAT forwarding (if enabled)
233. Deploy Nginx Proxy Manager (if enabled)
244. Deploy Pi-hole + Unbound recursive resolver (if enabled)
255. Deploy Cloudflare DDNS updater (if enabled)
26