authorChristian Pointner <equinox@spreadspace.org>2021-11-16 22:34:30 +0100
committerChristian Pointner <equinox@spreadspace.org>2021-11-16 22:34:30 +0100
commit65fb49fc5f3e4628353ee2e54c5ced76c5bc40fa (patch)
tree94ae7cb1810ccdfd732c2c71036578d226d08166 /roles/network/openvpn/server/tasks/main.yml
parentopenvpn roles - bas scaffolding and certs (diff)
openvpn: initial support for server/client
Diffstat (limited to 'roles/network/openvpn/server/tasks/main.yml')
-rw-r--r--roles/network/openvpn/server/tasks/main.yml28
1 files changed, 24 insertions, 4 deletions
diff --git a/roles/network/openvpn/server/tasks/main.yml b/roles/network/openvpn/server/tasks/main.yml
index 98bb220b..181feec9 100644
--- a/roles/network/openvpn/server/tasks/main.yml
+++ b/roles/network/openvpn/server/tasks/main.yml
@@ -2,7 +2,27 @@
- name: create TLS certificate and key
import_tasks: tls.yml
-## TODO:
-## - generate/install openvpn configuration
-## - generate/install client config directory
-## - enable/start "openvpn-server@{{ openvpn_zone.name }}"
+- name: generate openvpn config
+ template:
+ src: conf.j2
+ dest: "/etc/openvpn/server/{{ openvpn_zone.name }}.conf"
+ notify: restart openvpn-server
+
+- name: create client-config directory
+ file:
+ path: "/etc/openvpn/server/{{ openvpn_zone.name }}-ccd"
+ state: directory
+
+- name: generate client-config snippets
+ loop: "{{ openvpn_zone.offsets | list | difference([inventory_hostname]) }}"
+ loop_control:
+ loop_var: client
+ template:
+ src: client.j2
+ dest: "/etc/openvpn/server/{{ openvpn_zone.name }}-ccd/{{ client }}"
+
+- name: make sure openvpn-server systemd unit is enabled and started
+ systemd:
+ name: "openvpn-server@{{ openvpn_zone.name }}"
+ state: started
+ enabled: yes
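Review bot: None of the three file-creating tasks (`generate openvpn config`, `create client-config directory`, `generate client-config snippets`) sets `owner`, `group` or `mode`, so the permissions on the server config and the ccd tree depend on the umask of the connecting user rather than on the role. I would pin them explicitly, e.g. `owner: root`, `group: root`, `mode: "0640"` on the config template. For the ccd directory and snippets, choose a mode that the account the daemon runs as can still read, since conf.j2 and any privilege-drop settings are not visible in this hunk. Separately, snippets are only ever created: a host removed from `openvpn_zone.offsets` keeps its file under `{{ openvpn_zone.name }}-ccd/`. If conf.j2 enables `ccd-exclusive` (an assumption, as the template is not shown), that stale file keeps the client admissible until its certificate is revoked, so a cleanup task that removes unexpected files from the directory would close the gap.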