-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcloud-vpn.yml
49 lines (39 loc) · 955 Bytes
/
cloud-vpn.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
---
- hosts: local
connection: local
roles:
- basis
- backup
- easy-rsa
- vpn
- checkmk
vars:
users_local: []
users: "{{ users_local + users_admin }}"
fail2ban_activate_modules:
- sshd
- nginx
# easy-rsa
easy_rsa_servers:
- name: "{{ vpn_server }}"
state: present
easy_rsa_vars_conf:
country: "GERMANY"
province: "Niedersachsen"
city: "Wendeburg"
company: "Hühner Cloud"
mail: "{{ admin_mail_address }}"
easy_rsa_clients: "{{ vpn_users + vpn_apps }}"
# OpenVPN
vpn_server: "example-cloud-vpn"
vpn_users: "{{ users | json_query('[?contains(groups, `vpn`)].{name: name, state: state}') }}"
vpn_apps:
- name: admin.exampleapp
state: present
vpn_clients: "{{ vpn_users + vpn_apps }}"
# Backup
backup_targets:
file:
- "/etc/openvpn"
vars_files:
- "group_vars/environment.yaml"