#63 wip ... openvpn overwrite config

defaults/main.yml

@@ -18,3 +18,12 @@ opn_openvpn_instances_defaults:
   verb: 3
   topology: subnet
   role: server
+
+# defaults for opn_openvpn_instances
+opn_openvpn_overwrites_defaults:
+  enabled: 1
+  block: 0
+  push_reset: 0
+  register_dns: 0
+
+...

tasks/openvpn.yml

@@ -69,6 +69,16 @@
 #           push "dhcp-option DOMAIN abc.example.net"
 #           push "dhcp-option DOMAIN xyz.example.net"
 
+- name: OpenVPN Overwrites configuration
+  ansible.builtin.include_tasks: openvpnoverwrite.yml
+  vars:
+    uuid: "{{ overwrite.key }}"
+    overwritecfg: "{{ overwrite.value | combine(opn_openvpn_overwrites_defaults) }}"
+  with_dict:
+    - "{{ opn_openvpn_overwrites | default({}) }}"
+  loop_control:
+    loop_var: overwrite
+
 - name: OpenVPN Instances configuration
   ansible.builtin.include_tasks: openvpninstance.yml
   vars:

tasks/openvpnoverwrite.yml

@@ -0,0 +1,27 @@
+---
+
+- name: OpenVPN Overwrite settings
+  delegate_to: localhost
+  community.general.xml:
+    path: "{{ local_config_path }}"
+    xpath: "/opnsense/OPNsense/OpenVPN/Overwrites/Overwrite[@uuid='{{ uuid }}']/{{ item.key }}"
+    value: "{{ item.value }}"
+    pretty_print: true
+  when:
+    - item.key not in ['dns_domain_search', 'dns_servers', 'ntp_servers', 'wins_servers'] or item.value is string
+  with_dict:
+    - "{{ overwritecfg | default({}) }}"
+
+- name: OpenVPN Overwrite settings with list elements
+  delegate_to: localhost
+  community.general.xml:
+    path: "{{ local_config_path }}"
+    xpath: "/opnsense/OPNsense/OpenVPN/Overwrites/Overwrite[@uuid='{{ uuid }}']/{{ item.key }}"
+    value: "{{ item.value | join(',') }}"
+    pretty_print: true
+  when:
+    - item.key in ['dns_domain_search', 'dns_servers', 'ntp_servers', 'wins_servers'] and not item.value is string
+  with_dict:
+    - "{{ overwritecfg | default({}) }}"
+
+...