mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-04-27 12:03:38 +08:00
64 lines
1.7 KiB
YAML
64 lines
1.7 KiB
YAML
---
|
|
# OpenVpn server
|
|
|
|
- name: Install needed packages
|
|
package: name={{ item }} state=present
|
|
with_items:
|
|
- openvpn
|
|
tags:
|
|
- packages
|
|
- openvpn
|
|
|
|
- name: Create the /etc/openvpn/server/ccd/ directory
|
|
file: >
|
|
dest=/etc/openvpn/server/ccd/
|
|
mode=0755
|
|
owner=root
|
|
group=root
|
|
state=directory
|
|
tags:
|
|
- openvpn
|
|
|
|
- name: Install configuration files
|
|
copy: src={{ item.file }}
|
|
dest={{ item.dest }}
|
|
owner=root group=root mode={{ item.mode }}
|
|
with_items:
|
|
- { file: server.conf,
|
|
dest: /etc/openvpn/server/openvpn.conf,
|
|
mode: '0644' }
|
|
- { file: "{{ private }}/files/vpn/pki/crl.pem",
|
|
dest: /etc/openvpn/server/crl.pem,
|
|
mode: '0644' }
|
|
- { file: "{{ private }}/files/vpn/pki/issued/bastion.fedoraproject.org.crt",
|
|
dest: /etc/openvpn/server/server.crt,
|
|
mode: '0644' }
|
|
- { file: "{{ private }}/files/vpn/pki/private/bastion.fedoraproject.org.key",
|
|
dest: /etc/openvpn/server/server.key,
|
|
mode: '0600' }
|
|
- { file: "{{ private }}/files/vpn/dh2048.pem",
|
|
dest: /etc/openvpn/server/dh2048.pem,
|
|
mode: '0644' }
|
|
tags:
|
|
- install
|
|
- openvpn
|
|
|
|
- name: Install the ccd files
|
|
copy: src=ccd/ dest=/etc/openvpn/server/ccd/
|
|
tags:
|
|
- openvpn
|
|
|
|
- name: disable old openvpn service for rhel 7 or Fedora
|
|
service: name=openvpn@openvpn state=stopped enabled=false
|
|
when: ( ansible_distribution_version[0] == 7 or is_fedora is defined ) and openvpn_master is defined
|
|
tags:
|
|
- service
|
|
- openvpn
|
|
|
|
- name: enable openvpn service for rhel 7 or Fedora
|
|
service: name=openvpn-server@openvpn state=started enabled=true
|
|
when: ( ansible_distribution_version[0] == 7 or is_fedora is defined ) and openvpn_master is defined
|
|
tags:
|
|
- service
|
|
- openvpn
|