From 1cf024e37fad6870156bfa2843545f4738ba5e64 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Tue, 25 Aug 2020 14:12:12 -0700
Subject: [PATCH] Freeze break request: add vpn ccd file and vpn role to
 retrace

We need retrace03 on the vpn at least for now, or else 2fa won't work.
At some point when fasClient is gone we may be able to drop this
when we switch to sssd or something else.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 playbooks/groups/retrace.yml                                    | 1 +
 .../openvpn/server/files/ccd/retrace03.rdu-cc.fedoraproject.org | 2 ++
 2 files changed, 3 insertions(+)
 create mode 100644 roles/openvpn/server/files/ccd/retrace03.rdu-cc.fedoraproject.org

diff --git a/playbooks/groups/retrace.yml b/playbooks/groups/retrace.yml
index e6d06972da..11472e1cb9 100644
--- a/playbooks/groups/retrace.yml
+++ b/playbooks/groups/retrace.yml
@@ -65,6 +65,7 @@
     - import_role: name=fas_client
     - import_role: name=rkhunter
     - import_role: name=nagios_client
+    - import_role: name=openvpn/client
     - import_role: name=sudo
 
     - import_tasks: "{{ tasks_path }}/2fa_client.yml"
diff --git a/roles/openvpn/server/files/ccd/retrace03.rdu-cc.fedoraproject.org b/roles/openvpn/server/files/ccd/retrace03.rdu-cc.fedoraproject.org
new file mode 100644
index 0000000000..0074dda18e
--- /dev/null
+++ b/roles/openvpn/server/files/ccd/retrace03.rdu-cc.fedoraproject.org
@@ -0,0 +1,2 @@
+# ifconfig-push actualIP PtPIP
+ifconfig-push 192.168.1.36 192.168.0.36