Diffstat (limited to 'roles/common/templates/etc')
-rw-r--r-- | roles/common/templates/etc/ipsec.conf.j2 | 30 | ||||
-rw-r--r-- | roles/common/templates/etc/ipsec.secrets.j2 | 5 |
2 files changed, 0 insertions, 35 deletions
diff --git a/roles/common/templates/etc/ipsec.conf.j2 b/roles/common/templates/etc/ipsec.conf.j2
deleted file mode 100644
index 1dbcdbd..0000000
--- a/roles/common/templates/etc/ipsec.conf.j2
+++ /dev/null
@@ -1,30 +0,0 @@
-# {{ ansible_managed }}
-# Do NOT edit this file directly!
-
-config setup
- plutostart = no
-
-# Add connections here.
-
-conn %default
- keyexchange = ikev2
- ikelifetime = 1h
- keylife = 15m
- rekeymargin = 3m
- keyingtries = 1
- esp = aes128gcm16-ecp256!
- ike = aes128gcm16-aesxcbc-ecp256!
- # TODO: test DynDNS
- mobike = no
- leftauth = pubkey
- left = %defaultroute
- leftcert = {{ inventory_hostname }}.pem
- leftfirewall = yes
- rightauth = pubkey
- auto = start
-{% for host in groups.all | difference([inventory_hostname]) | sort %}
-
-conn {{ host }}
- right = {{ hostvars[host]['inventory_hostname'] }}
- rightcert = {{ hostvars[host]['inventory_hostname'] }}.pem
-{%- endfor %}
diff --git a/roles/common/templates/etc/ipsec.secrets.j2 b/roles/common/templates/etc/ipsec.secrets.j2
deleted file mode 100644
index da707bd..0000000
--- a/roles/common/templates/etc/ipsec.secrets.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-# {{ ansible_managed }}
-# Do NOT edit this file directly!
-
-# Our VPN uses ECC only.
-: ECDSA {{ inventory_hostname }}.key |