# {{ ansible_managed }}
# Do NOT edit this file directly!
# Purpose: strongSwan ipsec.conf template. It defines shared defaults in
# "conn %default" and then one certificate-authenticated IKEv2 connection
# per other inventory host.
# NOTE(review): parameter lines inside an ipsec.conf section must begin with
# whitespace; none is visible in this listing - confirm the template on disk
# is indented.
config setup
# Do not start the legacy pluto (IKEv1) daemon; only IKEv2 is used below.
plutostart = no
# Add connections here.
# Defaults inherited by every "conn" section generated further down.
conn %default
keyexchange = ikev2
# IKE SA lifetime, CHILD (ESP) SA lifetime, and how long before expiry
# rekeying begins.
ikelifetime = 1h
keylife = 15m
rekeymargin = 3m
# One negotiation attempt only.
# NOTE(review): with auto = start and no dpdaction/closeaction set here, a
# failed or dropped tunnel may not be re-established on its own - confirm
# this is intended, and that traffic to peers is blocked by policy rather
# than sent unprotected while a tunnel is down.
keyingtries = 1
# The trailing "!" makes each proposal strict: only the listed suite is
# offered or accepted, so a peer cannot negotiate a weaker one.
# ESP: AES-128-GCM with a 16-byte ICV, ECP-256 group for rekeying.
# IKE: AES-128-GCM, ECP-256; aesxcbc presumably serves as the PRF, which an
# AEAD-only proposal still needs - confirm against the deployed version.
esp = aes128gcm16-ecp256!
ike = aes128gcm16-aesxcbc-ecp256!
# TODO: test DynDNS
mobike = no
# Both ends authenticate with public keys (X.509 certificates).
leftauth = pubkey
# Local address is taken from the interface that holds the default route.
left = %defaultroute
# Local certificate file, named after this host's inventory name.
# presumably resolved relative to the daemon's certificate directory; verify
# that the role deploys it there.
leftcert = {{ inventory_hostname }}.pem
# Let the updown script manage firewall rules for established tunnels.
leftfirewall = yes
rightauth = pubkey
# Initiate every connection as soon as the daemon starts.
auto = start
# One "conn" per host in groups.all except this one, in sorted order.
# Each peer is pinned to its own certificate file via rightcert, so every
# host needs every other host's .pem present locally.
# hostvars[host]['inventory_hostname'] is read for both the peer address and
# the certificate file name, so inventory names must resolve to the peers.
# NOTE(review): "{%- endfor %}" strips the whitespace (including the newline)
# in front of it; confirm each iteration begins with a blank line in the
# template on disk so consecutive conn sections do not run together.
{% for host in groups.all | difference([inventory_hostname]) | sort %}
conn {{ host }}
right = {{ hostvars[host]['inventory_hostname'] }}
rightcert = {{ hostvars[host]['inventory_hostname'] }}.pem
{%- endfor %}