Diffstat (limited to 'roles/common/tasks/ipsec.yml')
-rw-r--r-- | roles/common/tasks/ipsec.yml | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/roles/common/tasks/ipsec.yml b/roles/common/tasks/ipsec.yml
new file mode 100644
index 0000000..d4270d7
--- /dev/null
+++ b/roles/common/tasks/ipsec.yml
@@ -0,0 +1,39 @@
+- name: Install strongSwan
+ apt: pkg=strongswan-ikev2
+
+- name: Ensure we have our private key
+ file: path=/etc/ipsec.d/private/{{ inventory_hostname }}.key
+ owner=root group=root
+ mode=0600
+ notify:
+ - Missing IPSec certificate
+
+- name: Ensure we have our public key
+ file: path=/etc/ipsec.d/certs/{{ inventory_hostname }}.pem
+ owner=root group=root
+ mode=0644
+ notify:
+ - Missing IPSec certificate
+
+- name: Ensure we have the CA's public key
+ file: path=/etc/ipsec.d/cacerts/cacert.pem
+ owner=root group=root
+ mode=0644
+ notify:
+ - Missing IPSec certificate
+
+- name: Configure IPSec's secrets
+ template: src=etc/ipsec.secrets.j2
+ dest=/etc/ipsec.secrets
+ owner=root group=root
+ mode=0600
+ notify:
+ - Restart IPSec
+
+- name: Configure IPSec
+ template: src=etc/ipsec.conf.j2
+ dest=/etc/ipsec.conf
+ owner=root group=root
+ mode=0644
+ notify:
+ - Restart IPSec |
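Review bot: The three "Ensure we have ..." tasks notify `Missing IPSec certificate`, but a handler runs only when its task reports a change, and these `file` calls pass no `state`, so a change here means owner, group or mode was corrected on a file that already exists. A genuinely absent key or certificate would, as far as I can tell, fail the task rather than reach the handler (which is defined outside this diff, so its behaviour is inferred from the name). If the intent is to detect absence, state it explicitly, e.g. a `stat` on the path registered to a variable followed by `fail: msg="IPSec key material missing"` with `when: not result.stat.exists`. Separately, a change on the private-key task means the key was readable beyond `0600` before the run, which is worth reporting in its own right; a comment such as `# changed => key permissions were looser than 0600 before this run` would make that clear.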