author | Christian Pointner <equinox@spreadspace.org> | 2021-11-16 22:34:30 +0100 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2021-11-16 22:34:30 +0100 |
commit | 65fb49fc5f3e4628353ee2e54c5ced76c5bc40fa (patch) | |
tree | 94ae7cb1810ccdfd732c2c71036578d226d08166 /roles/network/openvpn/server/tasks | |
parent | openvpn roles - bas scaffolding and certs (diff) |
openvpn: initial support for server/client
Diffstat (limited to 'roles/network/openvpn/server/tasks')
-rw-r--r-- | roles/network/openvpn/server/tasks/main.yml | 28 |
1 files changed, 24 insertions, 4 deletions
diff --git a/roles/network/openvpn/server/tasks/main.yml b/roles/network/openvpn/server/tasks/main.yml
index 98bb220b..181feec9 100644
--- a/roles/network/openvpn/server/tasks/main.yml
+++ b/roles/network/openvpn/server/tasks/main.yml
@@ -2,7 +2,27 @@
 - name: create TLS certificate and key
 import_tasks: tls.yml
-## TODO:
-## - generate/install openvpn configuration
-## - generate/install client config directory
-## - enable/start "openvpn-server@{{ openvpn_zone.name }}"
+- name: generate openvpn config
+ template:
+ src: conf.j2
+ dest: "/etc/openvpn/server/{{ openvpn_zone.name }}.conf"
+ notify: restart openvpn-server
+
+- name: create client-config directory
+ file:
+ path: "/etc/openvpn/server/{{ openvpn_zone.name }}-ccd"
+ state: directory
+
+- name: generate client-config snippets
+ loop: "{{ openvpn_zone.offsets | list | difference([inventory_hostname]) }}"
+ loop_control:
+ loop_var: client
+ template:
+ src: client.j2
+ dest: "/etc/openvpn/server/{{ openvpn_zone.name }}-ccd/{{ client }}"
+
+- name: make sure openvpn-server systemd unit is enabled and started
+ systemd:
+ name: "openvpn-server@{{ openvpn_zone.name }}"
+ state: started
+ enabled: yes |
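Review bot: None of the three file-writing tasks (`generate openvpn config`, `create client-config directory`, `generate client-config snippets`) sets `owner`, `group` or `mode`, so the permissions of the server configuration and the per-client snippets depend on the remote umask rather than on the role. For the server config I would pin `owner: root`, `group: root` and `mode: "0640"`, since that file is read at daemon start. The ccd directory and its files are read when a client connects, so their ownership and mode need to match whatever user `conf.j2` drops privileges to, which is not visible in this hunk. Separately, a host removed from `openvpn_zone.offsets` keeps its file under `{{ openvpn_zone.name }}-ccd`; if `conf.j2` enables `ccd-exclusive`, that leftover file would presumably still admit the client, so a cleanup step for entries no longer in the list is worth considering.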