Diffstat (limited to 'roles/common/templates')
-rw-r--r--roles/common/templates/etc/ipsec.conf.j230
-rw-r--r--roles/common/templates/etc/ipsec.secrets.j25
2 files changed, 0 insertions, 35 deletions
diff --git a/roles/common/templates/etc/ipsec.conf.j2 b/roles/common/templates/etc/ipsec.conf.j2
deleted file mode 100644
index 1dbcdbd..0000000
--- a/roles/common/templates/etc/ipsec.conf.j2
+++ /dev/null
@@ -1,30 +0,0 @@
-# {{ ansible_managed }}
-# Do NOT edit this file directly!
-
-config setup
- plutostart = no
-
-# Add connections here.
-
-conn %default
- keyexchange = ikev2
- ikelifetime = 1h
- keylife = 15m
- rekeymargin = 3m
- keyingtries = 1
- esp = aes128gcm16-ecp256!
- ike = aes128gcm16-aesxcbc-ecp256!
- # TODO: test DynDNS
- mobike = no
- leftauth = pubkey
- left = %defaultroute
- leftcert = {{ inventory_hostname }}.pem
- leftfirewall = yes
- rightauth = pubkey
- auto = start
-{% for host in groups.all | difference([inventory_hostname]) | sort %}
-
-conn {{ host }}
- right = {{ hostvars[host]['inventory_hostname'] }}
- rightcert = {{ hostvars[host]['inventory_hostname'] }}.pem
-{%- endfor %}
diff --git a/roles/common/templates/etc/ipsec.secrets.j2 b/roles/common/templates/etc/ipsec.secrets.j2
deleted file mode 100644
index da707bd..0000000
--- a/roles/common/templates/etc/ipsec.secrets.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-# {{ ansible_managed }}
-# Do NOT edit this file directly!
-
-# Our VPN uses ECC only.
-: ECDSA {{ inventory_hostname }}.key