summaryrefslogtreecommitdiffstats
path: root/roles/common/tasks/ipsec.yml
diff options
context:
space:
mode:
Diffstat (limited to 'roles/common/tasks/ipsec.yml')
-rw-r--r--roles/common/tasks/ipsec.yml16
1 files changed, 16 insertions, 0 deletions
diff --git a/roles/common/tasks/ipsec.yml b/roles/common/tasks/ipsec.yml
index d4270d7..3d7a1dd 100644
--- a/roles/common/tasks/ipsec.yml
+++ b/roles/common/tasks/ipsec.yml
@@ -37,3 +37,19 @@
mode=0644
notify:
- Restart IPSec
+
+- name: Auto-create a dedicated interface for IPSec
+ copy: src=etc/network/if-up.d/ipsec
+ dest=/etc/network/if-up.d/ipsec
+ owner=root group=root
+ mode=0755
+
+# XXX: As of 1.3.1 ansible doesn't accept relative src.
+# See https://github.com/ansible/ansible/issues/4459
+- name: Auto-deactivate the dedicated interface for IPSec
+ file: #src=../if-up.d/ipsec
+ src=/etc/network/if-up.d/ipsec
+ dest=/etc/network/if-down.d/ipsec
+ owner=root group=root state=link
+ notify:
+ - Reload networking
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 23:59:49 +0000