diff options
Diffstat (limited to 'roles/common/templates/etc/ipsec.conf.j2')
-rw-r--r-- | roles/common/templates/etc/ipsec.conf.j2 | 17 |
1 files changed, 4 insertions, 13 deletions
diff --git a/roles/common/templates/etc/ipsec.conf.j2 b/roles/common/templates/etc/ipsec.conf.j2 index 5ac2dd1..1dbcdbd 100644 --- a/roles/common/templates/etc/ipsec.conf.j2 +++ b/roles/common/templates/etc/ipsec.conf.j2 @@ -2,10 +2,7 @@ # Do NOT edit this file directly! config setup - # crlcheckinterval = 600 - strictcrlpolicy = no - # cachecrls = yes - plutostart = no + plutostart = no # Add connections here. @@ -22,18 +19,12 @@ conn %default leftauth = pubkey left = %defaultroute leftcert = {{ inventory_hostname }}.pem - leftid = "C=SE, O=Fripost, OU=IPsec, CN={{ inventory_hostname }}" - leftca = "C=SE, O=Fripost, OU=root CA, CN=IPsec (internal network)" leftfirewall = yes rightauth = pubkey - rightca = %same auto = start - -{% for host in groups.all|sort %} -{% if host != inventory_hostname %} +{% for host in groups.all | difference([inventory_hostname]) | sort %} conn {{ host }} - right = {{ hostvars[host]['inventory_hostname'] }} - rightid = "C=SE, O=Fripost, OU=IPsec, CN={{ hostvars[host]['inventory_hostname'] }}" -{% endif -%} + right = {{ hostvars[host]['inventory_hostname'] }} + rightcert = {{ hostvars[host]['inventory_hostname'] }}.pem {%- endfor %} |