# Installs pip from the distribution archive; the pip tasks later in this
# file depend on it.
# NOTE(review): python-pip is the Python 2 package name. Confirm the target
# release still ships it and that a Python 2 toolchain is acceptable there.
- name: Install pip
  apt:
    name: python-pip
    state: present
# Python libraries needed on the managed host: `docker` backs the docker_*
# modules and `pexpect` backs the expect module used by later tasks.
# Neither package is version-pinned, so a fresh host receives whatever
# release the package index serves at install time.
- name: Install python deps
  pip:
    state: present
    name:
      - docker
      - pexpect
# Drops the pip-installed backports.ssl-match-hostname; the task that follows
# installs the distribution's build of the same module in its place.
- name: Fix python deps 1
  pip:
    state: absent
    name: backports.ssl-match-hostname
# Installs the apt-packaged backports.ssl-match-hostname, replacing the pip
# copy that the preceding task removed.
- name: Fix python deps 2
  apt:
    name: python-backports.ssl-match-hostname
    state: present
# Removes any container named ovpn-daemon left over from an earlier run,
# presumably so that the ovpn_vol volume it mounts can be recreated below.
- name: Remove existing OVPN container
  docker_container:
    state: absent
    name: ovpn-daemon
# Provisions the named volume that holds /etc/openvpn for every container in
# this file.
- name: Create a volume for openvpn
  docker_volume:
    name: ovpn_vol
    # `always` destroys and recreates the volume on every run, so the CA key,
    # server key and any issued client certificates stored in it are lost
    # each time and the PKI is rebuilt from scratch by the tasks below.
    recreate: always
# Runs ovpn_genconfig in a throwaway container to write the server
# configuration for udp://<dns_hostname> into ovpn_vol.
# The image reference carries no tag or digest, so the registry decides which
# build is pulled; pin it to a reviewed tag or digest to make runs
# reproducible.
# NOTE(review): `detach` is not set here. If the module default leaves the
# container running in the background, the PKI task could start before
# ovpn_genconfig has finished — confirm.
- name: Generate OpenVPN configs
  docker_container:
    name: ovpn-genconfig
    image: kylemanna/openvpn
    command:
      - 'ovpn_genconfig'
      - '-u'
      - "udp://{{ dns_hostname }}"
    volumes:
      - ovpn_vol:/etc/openvpn
    # No container logs are kept for this one-shot run.
    log_driver: none
    auto_remove: true
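# Initialises the OpenVPN PKI inside ovpn_vol by running ovpn_initpki in a
# throwaway container and answering its interactive prompts through the
# expect module.
# ovpn_pki_password and dns_hostname are defined outside this file; the
# passphrase protects the CA key and should come from an encrypted source
# such as Ansible Vault rather than a plain-text vars file.
# The image reference in the command has no tag or digest, so the build that
# generates the key material is whatever the registry currently serves.
- name: Init OpenVPN PKI
  expect:
    command: docker run -v ovpn_vol:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn ovpn_initpki
    # Seconds to wait for an expected prompt; key generation can be slow.
    timeout: 600
    # Keys are patterns matched against the prompt text; values are the
    # replies sent back.
    responses:
      Enter New CA Key Passphrase: "{{ ovpn_pki_password }}"
      Re-Enter New CA Key Passphrase: "{{ ovpn_pki_password }}"
      Common Name(.*): "{{ dns_hostname }}"
      Enter pass phrase for(.*): "{{ ovpn_pki_password }}"
      (.*)Enter pass phrase for(.*): "{{ ovpn_pki_password }}"
  # The CA passphrase is part of the module arguments, so without this the
  # rendered value can appear in verbose output, callback plugins and stored
  # job logs. The trade-off is that failure output for this task is hidden
  # as well; lift it temporarily only when debugging with a throwaway
  # passphrase.
  no_log: true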
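# Starts the long-running OpenVPN server container on top of the
# configuration and PKI stored in ovpn_vol.
# The image reference has no tag or digest; pin it to a reviewed tag or
# digest so the server build does not change between runs.
- name: Start OpenVPN daemon
  docker_container:
    name: ovpn-daemon
    image: kylemanna/openvpn
    # List-typed options are written as lists instead of relying on the
    # module to coerce a bare string.
    volumes:
      - ovpn_vol:/etc/openvpn
    # NET_ADMIN is the only capability added; the container is not run
    # privileged.
    capabilities:
      - NET_ADMIN
    # Canonical boolean instead of the YAML 1.1 truthy `yes`.
    detach: true
    restart_policy: always
    # No bind address is given, so UDP 1194 is published on all host
    # interfaces; restrict it with a host firewall if only some networks
    # should reach the VPN endpoint.
    ports:
      - "1194:1194/udp"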