ansible/roles/fastd/tasks/main.yml

63 lines
2.0 KiB
YAML
Raw Normal View History

---
2018-07-26 17:59:49 +02:00
- name: Create group
group: name=fastd
- name: Create user
user: name=fastd group=fastd
- name: Install fastd
apt: name=fastd state=latest
- name: Install haveged (to create entropy)
apt: name=haveged
2017-11-09 21:21:19 +01:00
- name: Systemd unit for fastd
copy: src=fastd@.service dest=/etc/systemd/system/fastd@.service
notify:
- Reload systemd
- Restart fastd
- name: Disable fastd default instance
service: name=fastd enabled=no
2018-07-26 17:59:49 +02:00
- name: Create config directory
2018-01-21 20:46:21 +01:00
file: path=/etc/fastd/{{ site_code }} state=directory
2018-07-26 17:59:49 +02:00
- name: Create config directories
2018-01-21 20:46:21 +01:00
file: path=/etc/fastd/{{ site_code }}{{ item }}/peers state=directory
with_sequence: start=0 count={{ fastd_instances }}
- name: Configure fastd
2018-01-21 20:46:21 +01:00
template: src=fastd.conf.j2 dest=/etc/fastd/{{ site_code }}{{ item }}/fastd.conf
with_sequence: start=0 count={{ fastd_instances }}
notify: Restart fastd
- name: Generate fastd secret
2018-01-21 20:46:21 +01:00
fastd_key: path=/etc/fastd/{{ site_code }}/secret.conf
notify: Restart fastd
2018-07-26 17:59:49 +02:00
- name: Permissions (secret)
file: owner=fastd group=fastd path=/etc/fastd/{{ site_code }}/secret.conf
2018-01-21 20:46:21 +01:00
- name: Create symlinks (secret)
file: src=/etc/fastd/{{ site_code }}/secret.conf dest=/etc/fastd/{{ site_code }}{{ item }}/secret.conf state=link
with_sequence: start=0 count={{ fastd_instances }}
- name: Create Blacklist Script
copy: src=blacklist.sh dest=/etc/fastd/{{ site_code }}/blacklist.sh mode=0755 force=yes
2018-01-21 20:46:21 +01:00
- name: Create symlinks (blacklist)
file: src=/etc/fastd/{{ site_code }}/blacklist.sh dest=/etc/fastd/{{ site_code }}{{ item }}/blacklist.sh state=link
with_sequence: start=0 count={{ fastd_instances }}
- name: Create Blacklist directory
file: path=/etc/fastd/{{ site_code }}/vpn-blacklist/ state=directory
- name: Create Blacklist file
2019-03-27 15:16:32 +01:00
copy: src=blacklist.json dest=/etc/fastd/{{ site_code }}/vpn-blacklist/blacklist.json mode=0644
2018-01-21 20:46:21 +01:00
- name: Enable fastd {{ site_code }}
service: name=fastd@{{ site_code }}{{ item }} enabled=yes
with_sequence: start=0 count={{ fastd_instances }}