From 644299f49a6bad09b5955d6a658eb9390deda1b3 Mon Sep 17 00:00:00 2001 From: Timo Makinen Date: Tue, 16 Mar 2021 00:55:43 +0000 Subject: [PATCH] openvpn: Initial version of role --- roles/openvpn/files/hostname.tap0 | 2 + roles/openvpn/tasks/main.yml | 62 +++++++++++++++++++++++++++++++ 2 files changed, 64 insertions(+) create mode 100644 roles/openvpn/files/hostname.tap0 create mode 100644 roles/openvpn/tasks/main.yml diff --git a/roles/openvpn/files/hostname.tap0 b/roles/openvpn/files/hostname.tap0 new file mode 100644 index 0000000..cd1c353 --- /dev/null +++ b/roles/openvpn/files/hostname.tap0 @@ -0,0 +1,2 @@ +up +!/usr/local/sbin/openvpn --daemon --config /etc/openvpn/tap0.conf diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml new file mode 100644 index 0000000..50bcd74 --- /dev/null +++ b/roles/openvpn/tasks/main.yml @@ -0,0 +1,62 @@ +--- + +- name: install packages + package: + name: openvpn-- + state: installed + +- name: create chroot + file: + path: /var/openvpn + state: directory + mode: 0750 + owner: root + group: _openvpn + +- name: create chroot /tmp + file: + path: /var/openvpn/tmp + state: directory + mode: 0770 + owner: _openvpn + group: _openvpn + +- name: create config directory + file: + path: /etc/openvpn + state: directory + mode: 0755 + owner: root + group: "{{ ansible_wheel }}" + +- name: create key directory + file: + path: /etc/openvpn/keys + state: directory + mode: 0700 + owner: root + group: "{{ ansible_wheel }}" + +- name: copy authentication key + copy: + src: "{{ ansible_private }}/files/openvpn/tap0.key.{{ inventory_hostname }}" + dest: /etc/openvpn/keys/tap0.key + mode: 0600 + owner: root + group: "{{ ansible_wheel }}" + +- name: copy config + copy: + src: "{{ ansible_private }}/files/openvpn/tap0.conf.{{ inventory_hostname }}" + dest: /etc/openvpn/tap0.conf + mode: 0600 + owner: root + group: "{{ ansible_wheel }}" + +- name: create interface config + copy: + src: hostname.tap0 + dest: /etc/hostname.tap0 + mode: 0600 + owner: root + group: "{{ ansible_wheel }}"