---
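# Install OpenVPN through the platform package manager.
# The trailing "--" is kept exactly as written; it looks like the OpenBSD
# "stem--flavor" form selecting the default flavour (confirm the target OS).
# No version is pinned, so the installed build is whatever the configured
# package mirror serves at run time.
- name: Install packages
  ansible.builtin.package:
    name: openvpn--
    # "present" is the state documented for ansible.builtin.package; the
    # original "installed" is only an alias accepted by some backends.
    state: present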
# Top-level chroot directory (per the task name). Only root may modify it;
# members of _openvpn may read and traverse it; everyone else is shut out.
- name: Create chroot
  ansible.builtin.file:
    path: /var/openvpn
    state: directory
    owner: root
    group: _openvpn
    mode: "0750"
# Scratch directory inside the chroot. This is the only path in this file
# that the unprivileged _openvpn account can write to; no access for others.
- name: Create chroot /tmp
  ansible.builtin.file:
    path: /var/openvpn/tmp
    state: directory
    owner: _openvpn
    group: _openvpn
    mode: "0770"
# Configuration directory. The directory itself is world-readable and
# traversable (0755); the files this playbook places in it are 0600.
# ansible_wheel is not defined in this file; presumably it resolves to the
# platform's admin group name. Verify where it is set.
- name: Create config directory
  ansible.builtin.file:
    path: /etc/openvpn
    state: directory
    owner: root
    group: "{{ ansible_wheel }}"
    mode: "0755"
# Directory for key material: root-only (0700), so neither the group nor
# other users can list or traverse it.
- name: Create key directory
  ansible.builtin.file:
    path: /etc/openvpn/keys
    state: directory
    owner: root
    group: "{{ ansible_wheel }}"
    mode: "0700"
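# Install the per-host authentication key, readable by root only (0600).
# The source is looked up by inventory hostname under ansible_private.
# NOTE(review): the key appears to be stored in plain form on the control
# node; confirm that ansible_private is access-restricted or that the file
# is protected with Ansible Vault.
- name: Copy authentication key
  ansible.builtin.copy:
    src: "{{ ansible_private }}/files/openvpn/{{ inventory_hostname }}.key"
    dest: /etc/openvpn/keys/tap0.key
    owner: root
    group: "{{ ansible_wheel }}"
    mode: "0600"
  # Keep key material out of task output: in --diff mode the copy module
  # prints file contents, which would end up in terminal and CI logs.
  no_log: true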
# Install the per-host OpenVPN configuration, readable by root only (0600).
# NOTE(review): if this config embeds inline keys or credentials, add
# "no_log: true" to the task so --diff runs do not print them.
- name: Copy config
  ansible.builtin.copy:
    src: "{{ ansible_private }}/files/openvpn/{{ inventory_hostname }}.conf"
    dest: /etc/openvpn/tap0.conf
    owner: root
    group: "{{ ansible_wheel }}"
    mode: "0600"
# Install the network interface definition for tap0, root-only (0600).
# The relative src is resolved by Ansible's normal file search path
# (a role's or playbook's files/ directory), not from ansible_private.
- name: Create interface config
  ansible.builtin.copy:
    src: hostname.tap0
    dest: /etc/hostname.tap0
    owner: root
    group: "{{ ansible_wheel }}"
    mode: "0600"