Diffstat (limited to 'roles/common/templates')
-rw-r--r-- | roles/common/templates/etc/ipsec.conf.j2 | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/roles/common/templates/etc/ipsec.conf.j2 b/roles/common/templates/etc/ipsec.conf.j2 index ceed16a..5ac2dd1 100644 --- a/roles/common/templates/etc/ipsec.conf.j2 +++ b/roles/common/templates/etc/ipsec.conf.j2 @@ -10,31 +10,30 @@ config setup # Add connections here. conn %default keyexchange = ikev2 ikelifetime = 1h keylife = 15m rekeymargin = 3m keyingtries = 1 esp = aes128gcm16-ecp256! ike = aes128gcm16-aesxcbc-ecp256! # TODO: test DynDNS mobike = no leftauth = pubkey left = %defaultroute leftcert = {{ inventory_hostname }}.pem leftid = "C=SE, O=Fripost, OU=IPsec, CN={{ inventory_hostname }}" leftca = "C=SE, O=Fripost, OU=root CA, CN=IPsec (internal network)" leftfirewall = yes rightauth = pubkey rightca = %same - type = transport auto = start {% for host in groups.all|sort %} {% if host != inventory_hostname %} conn {{ host }} right = {{ hostvars[host]['inventory_hostname'] }} rightid = "C=SE, O=Fripost, OU=IPsec, CN={{ hostvars[host]['inventory_hostname'] }}" {% endif -%} {%- endfor %} |
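Review bot: With `type = transport` removed, `conn %default` no longer states its IPsec mode, so every host-to-host connection generated by the loop below now silently relies on strongSwan's built-in default, `type = tunnel`. If tunnel mode is intended, spell it out as `type = tunnel` and add a one-line comment giving the reason, so a later edit or a change in the daemon's defaults cannot flip the mode unnoticed. Separately, the unchanged context combines `auto = start` with `keyingtries = 1`, which, as far as this hunk shows, installs no trap policy and makes only one negotiation attempt. It is worth confirming that the firewall rules outside this template drop unprotected traffic between the hosts when an SA fails to come up; if they do not, `auto = route` would hold that traffic until an SA exists.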