summaryrefslogtreecommitdiffstats
path: root/roles/common/tasks
diff options
context:
space:
mode:
Diffstat (limited to 'roles/common/tasks')
-rw-r--r--roles/common/tasks/ipsec.yml28
1 files changed, 14 insertions, 14 deletions
diff --git a/roles/common/tasks/ipsec.yml b/roles/common/tasks/ipsec.yml
index ca03c98..ce158fe 100644
--- a/roles/common/tasks/ipsec.yml
+++ b/roles/common/tasks/ipsec.yml
@@ -6,9 +6,9 @@
- libstrongswan-standard-plugins
notify:
- Update firewall
- - Restart IPSec
+ - Restart IPsec
-- name: Auto-create a dedicated virtual subnet for IPSec
+- name: Auto-create a dedicated virtual subnet for IPsec
template: src=etc/network/if-up.d/ipsec.j2
dest=/etc/network/if-up.d/ipsec
owner=root group=root
@@ -16,7 +16,7 @@
notify:
- Reload networking
-- name: Auto-deactivate the dedicated virtual subnet for IPSec
+- name: Auto-deactivate the dedicated virtual subnet for IPsec
file: src=../if-up.d/ipsec
dest=/etc/network/if-down.d/ipsec
owner=root group=root state=link force=yes
@@ -24,23 +24,23 @@
- meta: flush_handlers
-- name: Configure IPSec
+- name: Configure IPsec
template: src=etc/ipsec.conf.j2
dest=/etc/ipsec.conf
owner=root group=root
mode=0644
register: r1
notify:
- - Restart IPSec
+ - Restart IPsec
-- name: Configure IPSec's secrets
+- name: Configure IPsec's secrets
template: src=etc/ipsec.secrets.j2
dest=/etc/ipsec.secrets
owner=root group=root
mode=0600
register: r2
notify:
- - Restart IPSec
+ - Restart IPsec
- name: Configure Charon
copy: src=etc/strongswan.d/{{ item }}
@@ -52,9 +52,9 @@
- charon/socket-default.conf
register: r3
notify:
- - Restart IPSec
+ - Restart IPsec
-- name: Generate a key pair for IPSec public key authentication
+- name: Generate a key pair for IPsec public key authentication
command: genkeypair.sh keypair
--pubkey=/etc/ipsec.d/certs/{{ inventory_hostname_short }}.pem
--privkey=/etc/ipsec.d/private/{{ inventory_hostname_short }}.key
@@ -63,11 +63,11 @@
changed_when: r4.rc == 0
failed_when: r4.rc > 1
notify:
- - Restart IPSec
+ - Restart IPsec
tags:
- genkey
-- name: Fetch the public part of IPSec host key
+- name: Fetch the public part of IPsec host key
# Ensure we don't fetch private data
become: False
fetch: src=/etc/ipsec.d/certs/{{ inventory_hostname_short }}.pem
@@ -78,7 +78,7 @@
# Don't copy our pubkey due to a possible race condition. Only the
# remote machine has authority regarding its key.
-- name: Copy the public part of IPSec peers' key
+- name: Copy the public part of IPsec peers' key
copy: src=certs/ipsec/{{ hostvars[item].inventory_hostname_short }}.pem
dest=/etc/ipsec.d/certs/{{ hostvars[item].inventory_hostname_short }}.pem
owner=root group=root
@@ -88,8 +88,8 @@
tags:
- genkey
notify:
- - Restart IPSec
+ - Restart IPsec
-- name: Start IPSec
+- name: Start IPsec
service: name=ipsec state=started
when: not (r1.changed or r2.changed or r3.changed or r4.changed or r5.changed)