Add ansible role to configure openvpn

[infra/tools.git] / infra / configure_openvpn_client / playbooks / roles / vpn-client / tasks / main.yml

---
# tasks file for vpn_client
- name: Create Directory for Client Config Files
  file:
    path: "{{ openvpn_ca }}/client_configs/{{ item }}"
    state: directory
    recurse: true
  with_items:
    - files
    - keys

- name: Copy Client Sample Config file
  template:
    src: base.conf.j2
    dest: "{{ openvpn_ca }}/client_configs/base.conf"
    force: true

- name: Client certs and keys to client_configs
  copy:
    src: "{{ item }}"
    dest: "{{ openvpn_ca }}/client_configs/keys"
  with_items:
    - "{{ hostvars['localhost']['vpn_user_files_location'] }}/{{ user_name }}.crt"
    - "{{ hostvars['localhost']['vpn_user_files_location'] }}/{{ user_name }}.key"

- name: Copy ta & Client certs and keys to client_configs
  copy:
    remote_src: true
    src: "{{ item }}"
    dest: "{{ openvpn_ca }}/client_configs/keys"
  with_items:
    - "/etc/openvpn/ta.key"
    - "/etc/openvpn/ca.crt"

- name: Create Client .ovpn file
  script: make_config.sh "{{ user_name }}"
  args:
    chdir: "{{ openvpn_ca }}/client_configs/"
    executable: /bin/bash

- name: Fetch Client .ovpn file
  fetch:
    src: "{{ openvpn_ca }}/client_configs/files/{{ item|basename }}"
    dest: "{{ hostvars['localhost']['vpn_user_files_location'] }}/"
    flat: true
  with_items:
    - "{{ user_name }}.ovpn"

- name: Start and Enable Openvpn Service
  systemd:
    name: openvpn@server
    state: restarted
    daemon_reload: true
    enabled: true

- name: Log  user specific ovpn files location on the console
  debug:
    msg:
      - +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
      - zone specific user ovpn files are located in {{ hostvars['localhost']['vpn_user_files_location'] }}
      - +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
      - ''