diff --git a/playbooks/groups/mirrorlist.yml b/playbooks/groups/mirrorlist.yml index 19c1a8bbf1..54046cfd46 100644 --- a/playbooks/groups/mirrorlist.yml +++ b/playbooks/groups/mirrorlist.yml @@ -37,6 +37,7 @@ - include: $tasks/base.yml - include: $tasks/fas_client.yml - include: $tasks/2fa_client.yml + - include: $tasks/openvpn_client.yml - include: $tasks/motd.yml - include: $tasks/sudo.yml - include: $tasks/rkhunter.yml diff --git a/tasks/openvpn_client.yml b/tasks/openvpn_client.yml index 3ad2e6f04b..0817370a66 100644 --- a/tasks/openvpn_client.yml +++ b/tasks/openvpn_client.yml @@ -11,13 +11,15 @@ - config notify: - restart openvpn + when_string: "10.5" not in ${ansible_default_ipv4.address} -- name: /etc/openvpn/crl.pem g/secure/vpn/openvpn/keys/crl.pem +- name: /etc/openvpn/crl.pem from vpn/openvpn/keys/crl.pem copy: src=$puppet_private/vpn/openvpn/keys/crl.pem dest=/etc/openvpn/crl.pem mode=0644 owner=root group=root tags: - config notify: - restart openvpn + when_string: "10.5" not in ${ansible_default_ipv4.address} - name: /etc/openvpn/openvpn.conf copy: src=$files/openvpn/client.conf dest=/etc/openvpn/openvpn.conf @@ -25,6 +27,7 @@ - config notify: - restart openvpn + when_string: "10.5" not in ${ansible_default_ipv4.address} - name: /etc/openvpn/client.crt copy: src=$puppet_private/vpn/openvpn/keys/${inventory_hostname}.crt dest=/etc/openvpn/client.crt mode=0600 owner=root group=root @@ -32,6 +35,7 @@ - config notify: - restart openvpn + when_string: "10.5" not in ${ansible_default_ipv4.address} - name: /etc/openvpn/client.key copy: src=$puppet_private/vpn/openvpn/keys/${inventory_hostname}.key dest=/etc/openvpn/client.key mode=0600 owner=root group=root @@ -39,10 +43,11 @@ - config notify: - restart openvpn - + when_string: "10.5" not in ${ansible_default_ipv4.address} - name: enable openvpn service service: name=openvpn state=running enabled=true tags: - service + when_string: "10.5" not in ${ansible_default_ipv4.address}