Gitiles
Code Review Sign In
gerrit.opencord.org / ansible / role / strongswan / f7cfb4f15c9edc314b22bc6c0999dcfd848aaad3
commitf7cfb4f15c9edc314b22bc6c0999dcfd848aaad3[log] [tgz]
authorZack Williams <zdw@opennetworking.org>Mon Mar 28 16:42:52 2022 -0700
committerZack Williams <zdw@opennetworking.org>Mon Jun 13 17:05:50 2022 -0700
tree64f398f9dc1216273d95799ab541f17a74fe5811
parent75b9b2a95ce1847034f18b62d217fe34a762a6b2 [diff]
Make role multiplatform

- On debian 11 strongswan daemon has different name
- Make config file backups when overwriting
- Add closeaction configuration option
- More metadata fixes
- Change tests to run standalone

Change-Id: I04474cb4601060059c4e603560d1873ad6598a77
10 files changed
tree: 64f398f9dc1216273d95799ab541f17a74fe5811
  1. .cookiecutter_params.json
  2. .gitreview
  3. .reuse/
  4. LICENSES/
  5. Makefile
  6. README.md
  7. VERSION
  8. defaults/
  9. files/
  10. handlers/
  11. meta/
  12. molecule/
  13. tasks/
  14. templates/
  15. vars/
README.md

strongSwan

strongSwan IPSec VPN daemon

Requirements

Requires BIRD to be installed if the VPNs are dynamic route based.

Minimum ansible version: 2.9.5

Examples

Example: policy-based VPN

strongswan_conf_install_routes: yes
strongswan_conf_connections:
  - name: tunnel1
    psk: secret
    left: 10.0.0.3
    leftid: 128.105.144.189
    left_subnets: 0.0.0.0/0
    right: 34.124.6.243
    right_subnets: 0.0.0.0/0

Example: dynamic route-based VPN

strongswan_conf_connections:
  - name: tunnel1
    vti:
      local: 169.254.0.2/30
      remote: 169.254.0.1/30
    psk: secret
    left: 10.0.0.3
    leftid: 128.105.144.189
    left_subnets: 0.0.0.0/0
    right: 34.124.6.243

Example: playbook

- hosts: all
  vars:
  roles:
    - bird
    - strongswan

License and Author

© 2020 Open Networking Foundation support@opennetworking.org

License: Apache-2.0