diff options
author | Trygve Laugstøl <trygvis@inamo.no> | 2020-10-25 19:11:13 +0100 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2020-10-25 19:11:13 +0100 |
commit | 59f913cc1efa21bd8df1a395d4d20f0b451965c2 (patch) | |
tree | 6d5c86e1154d022ca9ce4843726f02879f5cc22b /ansible/experiments/strongswan/strongswan-server.yml | |
parent | 5838f6791c7a7bae297f67c18b240716e608c761 (diff) | |
download | infra-59f913cc1efa21bd8df1a395d4d20f0b451965c2.tar.gz infra-59f913cc1efa21bd8df1a395d4d20f0b451965c2.tar.bz2 infra-59f913cc1efa21bd8df1a395d4d20f0b451965c2.tar.xz infra-59f913cc1efa21bd8df1a395d4d20f0b451965c2.zip |
o Removing experiments.
Diffstat (limited to 'ansible/experiments/strongswan/strongswan-server.yml')
-rw-r--r-- | ansible/experiments/strongswan/strongswan-server.yml | 67 |
1 files changed, 0 insertions, 67 deletions
diff --git a/ansible/experiments/strongswan/strongswan-server.yml b/ansible/experiments/strongswan/strongswan-server.yml deleted file mode 100644 index e555b90..0000000 --- a/ansible/experiments/strongswan/strongswan-server.yml +++ /dev/null @@ -1,67 +0,0 @@ -- hosts: - - knot - vars_files: - - strongswan-vars.yml - vars: - peers: - - arius - handlers: - - name: systemctl restart strongswan - become: true - systemd: - name: strongswan - state: restarted - tasks: - - become: true - block: - - name: packages - apt: - name: "{{ item }}" - install_recommends: no - with_items: - - strongswan-swanctl - - name: install certs - with_items: "{{ peers }}" - copy: - src=swanctl/{{ item }}/rsa/{{ item }}-key.der - dest=/etc/swanctl/rsa/{{ item }}-key.der - - name: install swanctl.conf - notify: systemctl restart strongswan - copy: - dest: /etc/swanctl/conf.d/trygvis.io.conf - content: | - connections { - - rw { - local_addrs = fec0::1 - - local { - auth = pubkey - certs = moonCert.pem - id = moon.strongswan.org - } - remote { - auth = pubkey - } - children { - net { - local_ts = {{ strongswan_ts }} - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes128-sha256-x25519 - } - } - version = 2 - proposals = aes128-sha256-x25519 - } - } - - authorities { - strongswan { - #cacert = caCert.pem - #crl_uris = http://ip6-winnetou.strongswan.org/strongswan.crl - cacert = ca-cert.der - crl_uris = - } - } - |