blob: 3ae28a99440e40fd31bc4f8183206f1b00773537 [file] [log] [blame]
---
# strongswan tasks/main.yml
#
# SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
# SPDX-License-Identifier: Apache-2.0
- name: Include OS-specific vars
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution }}_{{ ansible_distribution_version }}.yml"
- "{{ ansible_distribution }}.yml"
- "{{ ansible_os_family }}.yml"
- name: Include OS-specific tasks
include_tasks: "{{ ansible_os_family }}.yml"
- name: Copy VTI configuration and script
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
backup: true
owner: root
group: root
mode: "{{ item.mode }}"
with_items:
- {src: "vti.conf", dest: "/etc/strongswan.d/vti.conf", mode: 0644}
- {src: "ipsec-vti.sh", dest: "/etc/ipsec.d/ipsec-vti.sh", mode: a+x}
when: not strongswan_conf_install_routes
- name: Create ipsec configurations from template
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
backup: true
owner: root
group: root
mode: 0640
with_items:
- {src: "ipsec.secrets.j2", dest: "/etc/ipsec.secrets"}
- {src: "ipsec.conf.j2", dest: "/etc/ipsec.conf"}
notify:
- restart-ipsec