openvpn: Initial version of role

2021-03-16 00:55:43 +00:00 · 2021-03-16 00:55:43 +00:00 · 644299f49a
commit 644299f49a
parent e0c70ad530
2 changed files with 64 additions and 0 deletions
--- a/roles/openvpn/files/hostname.tap0
+++ b/roles/openvpn/files/hostname.tap0
@ -0,0 +1,2 @@
+up
+!/usr/local/sbin/openvpn --daemon --config /etc/openvpn/tap0.conf
--- a/roles/openvpn/tasks/main.yml
+++ b/roles/openvpn/tasks/main.yml
@ -0,0 +1,62 @@
+---
+
+- name: install packages
+  package:
+    name: openvpn--
+    state: installed
+
+- name: create chroot
+  file:
+    path: /var/openvpn
+    state: directory
+    mode: 0750
+    owner: root
+    group: _openvpn
+
+- name: create chroot /tmp
+  file:
+    path: /var/openvpn/tmp
+    state: directory
+    mode: 0770
+    owner: _openvpn
+    group: _openvpn
+
+- name: create config directory
+  file:
+    path: /etc/openvpn
+    state: directory
+    mode: 0755
+    owner: root
+    group: "{{ ansible_wheel }}"
+
+- name: create key directory
+  file:
+    path: /etc/openvpn/keys
+    state: directory
+    mode: 0700
+    owner: root
+    group: "{{ ansible_wheel }}"
+
+- name: copy authentication key
+  copy:
+    src: "{{ ansible_private }}/files/openvpn/tap0.key.{{ inventory_hostname }}"
+    dest: /etc/openvpn/keys/tap0.key
+    mode: 0600
+    owner: root
+    group: "{{ ansible_wheel }}"
+
+- name: copy config
+  copy:
+    src: "{{ ansible_private }}/files/openvpn/tap0.conf.{{ inventory_hostname }}"
+    dest: /etc/openvpn/tap0.conf
+    mode: 0600
+    owner: root
+    group: "{{ ansible_wheel }}"
+
+- name: create interface config
+  copy:
+    src: hostname.tap0
+    dest: /etc/hostname.tap0
+    mode: 0600
+    owner: root
+    group: "{{ ansible_wheel }}"