Hyunsun Moon | a5c3f64 | 2020-11-11 02:53:03 -0800 | [diff] [blame] | 1 | --- |
| 2 | # strongswan tasks/main.yml |
| 3 | # |
| 4 | # SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org> |
| 5 | # SPDX-License-Identifier: Apache-2.0 |
| 6 | |
| 7 | - name: Include OS-specific vars |
Zack Williams | f7cfb4f | 2022-03-28 16:42:52 -0700 | [diff] [blame^] | 8 | include_vars: "{{ item }}" |
| 9 | with_first_found: |
| 10 | - "{{ ansible_distribution }}_{{ ansible_distribution_version }}.yml" |
| 11 | - "{{ ansible_distribution }}.yml" |
| 12 | - "{{ ansible_os_family }}.yml" |
Hyunsun Moon | a5c3f64 | 2020-11-11 02:53:03 -0800 | [diff] [blame] | 13 | |
| 14 | - name: Include OS-specific tasks |
| 15 | include_tasks: "{{ ansible_os_family }}.yml" |
| 16 | |
| 17 | - name: Copy VTI configuration and script |
| 18 | copy: |
| 19 | src: "{{ item.src }}" |
| 20 | dest: "{{ item.dest }}" |
Zack Williams | f7cfb4f | 2022-03-28 16:42:52 -0700 | [diff] [blame^] | 21 | backup: true |
Hyunsun Moon | a5c3f64 | 2020-11-11 02:53:03 -0800 | [diff] [blame] | 22 | owner: root |
| 23 | group: root |
| 24 | mode: "{{ item.mode }}" |
| 25 | with_items: |
| 26 | - {src: "vti.conf", dest: "/etc/strongswan.d/vti.conf", mode: 0644} |
| 27 | - {src: "ipsec-vti.sh", dest: "/etc/ipsec.d/ipsec-vti.sh", mode: a+x} |
| 28 | when: not strongswan_conf_install_routes |
| 29 | |
| 30 | - name: Create ipsec configurations from template |
| 31 | template: |
| 32 | src: "{{ item.src }}" |
| 33 | dest: "{{ item.dest }}" |
Zack Williams | f7cfb4f | 2022-03-28 16:42:52 -0700 | [diff] [blame^] | 34 | backup: true |
Hyunsun Moon | a5c3f64 | 2020-11-11 02:53:03 -0800 | [diff] [blame] | 35 | owner: root |
| 36 | group: root |
| 37 | mode: 0640 |
| 38 | with_items: |
| 39 | - {src: "ipsec.secrets.j2", dest: "/etc/ipsec.secrets"} |
| 40 | - {src: "ipsec.conf.j2", dest: "/etc/ipsec.conf"} |
| 41 | notify: |
| 42 | - restart-ipsec |