Gitiles
Code Review Sign In
gerrit.opencord.org / ansible / role / strongswan / 6a19e04653cee30f9b0db6d8b53d2a1956da5f22 / . / tasks / main.yml
blob: dff3f3a12d16e1c2b50fdd606e35347ff9ca2f55 [file] [log] [blame]
Hyunsun Moona5c3f642020-11-11 02:53:03 -0800[diff] [blame]1---
2# strongswan tasks/main.yml
3#
4# SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
5# SPDX-License-Identifier: Apache-2.0
6
7- name: Include OS-specific vars
8 include_vars: "{{ ansible_os_family }}.yml"
9
10- name: Include OS-specific tasks
11 include_tasks: "{{ ansible_os_family }}.yml"
12
13- name: Copy VTI configuration and script
14 copy:
15 src: "{{ item.src }}"
16 dest: "{{ item.dest }}"
17 owner: root
18 group: root
19 mode: "{{ item.mode }}"
20 with_items:
21 - {src: "vti.conf", dest: "/etc/strongswan.d/vti.conf", mode: 0644}
22 - {src: "ipsec-vti.sh", dest: "/etc/ipsec.d/ipsec-vti.sh", mode: a+x}
23 when: not strongswan_conf_install_routes
24
25- name: Create ipsec configurations from template
26 template:
27 src: "{{ item.src }}"
28 dest: "{{ item.dest }}"
29 owner: root
30 group: root
31 mode: 0640
32 with_items:
33 - {src: "ipsec.secrets.j2", dest: "/etc/ipsec.secrets"}
34 - {src: "ipsec.conf.j2", dest: "/etc/ipsec.conf"}
35 notify:
36 - restart-ipsec