ansible-ffibk/roles/service-tinc/tasks/main.yml

74 lines
1.5 KiB
YAML
Raw Normal View History

2017-09-29 13:32:20 +02:00
---
- name: install tinc packages
apt:
name: "{{ item }}"
state: present
with_items:
- tinc
notify: configure systemd unit tinc
- name: clone icvpn repo
git:
repo: "{{ icvpn.icvpn_repo }}"
dest: /etc/tinc/{{ icvpn.interface }}
version: master
2017-09-29 13:32:20 +02:00
update: no
- name: set directory permissions
file:
path: /etc/tinc/{{ icvpn.interface }}
state: directory
owner: admin
group: admin
recurse: yes
- name: register metanodes
command: cat /etc/tinc/{{ icvpn.interface }}/metanodes
register: metanodes
changed_when: false
- name: write tinc.conf
template:
src: tinc.conf.j2
dest: /etc/tinc/{{ icvpn.interface }}/tinc.conf
mode: 0664
owner: admin
group: admin
notify: restart systemd unit tinc
- name: write tinc-up hook script
template:
src: tinc-up.j2
dest: /etc/tinc/{{ icvpn.interface }}/tinc-up
mode: 0775
owner: admin
group: admin
notify: restart systemd unit tinc
- name: write tinc-down hook script
template:
src: tinc-down.j2
dest: /etc/tinc/{{ icvpn.interface }}/tinc-down
mode: 0775
owner: admin
group: admin
notify: restart systemd unit tinc
- name: write tinc private key
template:
src: rsa_key.priv.j2
dest: /etc/tinc/{{ icvpn.interface }}/rsa_key.priv
mode: 0600
owner: admin
group: admin
notify: restart systemd unit tinc
- name: write nets.boot
template:
src: nets.boot.j2
dest: /etc/tinc/nets.boot
mode: 0644
owner: root
group: root
notify: restart systemd unit tinc