Merge
diff --git a/xos/synchronizers/vpn/steps/sync_vpntenant.yaml b/xos/synchronizers/vpn/steps/sync_vpntenant.yaml
index 04234ba..238591d 100644
--- a/xos/synchronizers/vpn/steps/sync_vpntenant.yaml
+++ b/xos/synchronizers/vpn/steps/sync_vpntenant.yaml
@@ -21,33 +21,20 @@
- name: stop openvpn
shell: killall openvpn || true
- - name: erase server key
- shell: rm -f server.key
+ - name: make sure /opt/openvpn exists
+ file: path=/opt/openvpn state=directory
- - name: write server key
- shell: echo {{ '{{' }} item {{ '}}' }} >> server.key
- with_items: {{ server_key }}
+ - name: get server key
+ copy: src=/opt/openvpn/easyrsa3/pki/private/server.key dest=/opt/openvpn/server.key
- - name: erase server crt
- shell: rm -f server.crt
+ - name: get server crt
+ copy: src=/opt/openvpn/easyrsa3/pki/issued/server.crt dest=/opt/openvpn/server.crt
- - name: write server crt
- shell: echo {{ '{{' }} item {{ '}}' }} >> server.crt
- with_items: {{ server_crt }}
+ - name: get ca crt
+ copy: src=/opt/openvpn/easyrsa3/pki/ca.crt dest=/opt/openvpn/ca.crt
- - name: erase ca crt
- shell: rm -f ca.crt
-
- - name: write ca crt
- shell: echo {{ '{{' }} item {{ '}}' }} >> ca.crt
- with_items: {{ ca_crt }}
-
- - name: erase dh
- shell: rm -f dh.pem
-
- - name: write dh
- shell: echo {{ '{{' }} item {{ '}}' }} >> dh.pem
- with_items: {{ dh }}
+ - name: get dh
+ copy: src=/opt/openvpn/easyrsa3/pki/dh.pem dest=/opt/openvpn/dh.pem
- name: erase config
shell: rm -f server.conf
@@ -65,9 +52,10 @@
port 1194
proto udp
dev tun
- cert server.crt
- key server.key
- dh dh.pem
+ ca /opt/openvpn/ca.crt
+ cert /opt/openvpn/server.crt
+ key /opt/openvpn/server.key
+ dh /opt/openvpn/dh.pem
server {{ server_network }} {{ vpn_subnet }}
ifconfig-pool-persist ipp.txt
comp-lzo