mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-04-30 05:20:49 +08:00
69 lines
1.8 KiB
YAML
69 lines
1.8 KiB
YAML
---
|
|
# OpenVpn basic configuration
|
|
|
|
- name: Install needed package
|
|
package:
|
|
state: present
|
|
name:
|
|
- openvpn
|
|
tags:
|
|
- openvpn
|
|
- packages
|
|
when: ansible_distribution_major_version|int < 8
|
|
|
|
- name: Install needed package (dnf)
|
|
package:
|
|
state: present
|
|
name:
|
|
- openvpn
|
|
tags:
|
|
- openvpn
|
|
- packages
|
|
when: ansible_distribution_major_version|int > 7 and ansible_cmdline.ostree is not defined
|
|
|
|
- name: Install certificate and key (rhel6 and fedora24 and older)
|
|
copy: src={{ private }}/files/vpn/pki/ca.crt
|
|
dest=/etc/openvpn/ca.crt
|
|
owner=root group=root mode=0600
|
|
tags:
|
|
- install
|
|
- openvpn
|
|
#notify:
|
|
#- restart openvpn (Fedora)
|
|
#- restart openvpn (RHEL7)
|
|
#- restart openvpn (RHEL6)
|
|
when: ansible_distribution_major_version|int < 25
|
|
|
|
- name: Install certificate and key (rhel7 or fedora) for client
|
|
copy: src={{ private }}/files/vpn/pki/ca.crt
|
|
dest=/etc/openvpn/client/ca.crt
|
|
owner=root group=root mode=0600
|
|
tags:
|
|
- install
|
|
- openvpn
|
|
#notify:
|
|
#- restart openvpn (Fedora)
|
|
#- restart openvpn (RHEL7)
|
|
#- restart openvpn (RHEL6)
|
|
when: ( ansible_distribution_major_version|int != 6 and ansible_distribution_major_version|int != 24 ) and ansible_cmdline.ostree is not defined
|
|
|
|
- name: Install certificate and key (rhel7 or fedora) for server
|
|
copy: src={{ private }}/files/vpn/pki/ca.crt
|
|
dest=/etc/openvpn/server/ca.crt
|
|
owner=root group=root mode=0600
|
|
tags:
|
|
- install
|
|
- openvpn
|
|
#notify:
|
|
#- restart openvpn (Fedora)
|
|
#- restart openvpn (RHEL7)
|
|
#- restart openvpn (RHEL6)
|
|
when: inventory_hostname.startswith('bastion0')
|
|
|
|
- name: install fix-routes.sh script
|
|
copy: src=fix-routes.sh
|
|
dest=/etc/openvpn/fix-routes.sh
|
|
owner=root group=root mode=0755
|
|
tags:
|
|
- openvpn
|