Make role multiplatform

- On debian 11 strongswan daemon has different name
- Make config file backups when overwriting
- Add closeaction configuration option
- More metadata fixes
- Change tests to run standalone

Change-Id: I04474cb4601060059c4e603560d1873ad6598a77
10 files changed
tree: 64f398f9dc1216273d95799ab541f17a74fe5811
  1. .cookiecutter_params.json
  2. .gitreview
  3. .reuse/
  4. LICENSES/
  5. Makefile
  6. README.md
  7. VERSION
  8. defaults/
  9. files/
  10. handlers/
  11. meta/
  12. molecule/
  13. tasks/
  14. templates/
  15. vars/
README.md

strongSwan

strongSwan IPSec VPN daemon

Requirements

Requires BIRD to be installed if the VPNs are dynamic route based.

Minimum ansible version: 2.9.5

Examples

Example: policy-based VPN

strongswan_conf_install_routes: yes
strongswan_conf_connections:
  - name: tunnel1
    psk: secret
    left: 10.0.0.3
    leftid: 128.105.144.189
    left_subnets: 0.0.0.0/0
    right: 34.124.6.243
    right_subnets: 0.0.0.0/0

Example: dynamic route-based VPN

strongswan_conf_connections:
  - name: tunnel1
    vti:
      local: 169.254.0.2/30
      remote: 169.254.0.1/30
    psk: secret
    left: 10.0.0.3
    leftid: 128.105.144.189
    left_subnets: 0.0.0.0/0
    right: 34.124.6.243

Example: playbook

- hosts: all
  vars:
  roles:
    - bird
    - strongswan

License and Author

© 2020 Open Networking Foundation support@opennetworking.org

License: Apache-2.0