only run/set this up if we're not inside phx2
This commit is contained in:
parent
9d1fa6f2ab
commit
cb9aa62459
2 changed files with 8 additions and 2 deletions
|
|
@ -11,13 +11,15 @@
|
|||
- config
|
||||
notify:
|
||||
- restart openvpn
|
||||
when_string: "10.5" not in ${ansible_default_ipv4.address}
|
||||
|
||||
- name: /etc/openvpn/crl.pem g/secure/vpn/openvpn/keys/crl.pem
|
||||
- name: /etc/openvpn/crl.pem from vpn/openvpn/keys/crl.pem
|
||||
copy: src=$puppet_private/vpn/openvpn/keys/crl.pem dest=/etc/openvpn/crl.pem mode=0644 owner=root group=root
|
||||
tags:
|
||||
- config
|
||||
notify:
|
||||
- restart openvpn
|
||||
when_string: "10.5" not in ${ansible_default_ipv4.address}
|
||||
|
||||
- name: /etc/openvpn/openvpn.conf
|
||||
copy: src=$files/openvpn/client.conf dest=/etc/openvpn/openvpn.conf
|
||||
|
|
@ -25,6 +27,7 @@
|
|||
- config
|
||||
notify:
|
||||
- restart openvpn
|
||||
when_string: "10.5" not in ${ansible_default_ipv4.address}
|
||||
|
||||
- name: /etc/openvpn/client.crt
|
||||
copy: src=$puppet_private/vpn/openvpn/keys/${inventory_hostname}.crt dest=/etc/openvpn/client.crt mode=0600 owner=root group=root
|
||||
|
|
@ -32,6 +35,7 @@
|
|||
- config
|
||||
notify:
|
||||
- restart openvpn
|
||||
when_string: "10.5" not in ${ansible_default_ipv4.address}
|
||||
|
||||
- name: /etc/openvpn/client.key
|
||||
copy: src=$puppet_private/vpn/openvpn/keys/${inventory_hostname}.key dest=/etc/openvpn/client.key mode=0600 owner=root group=root
|
||||
|
|
@ -39,10 +43,11 @@
|
|||
- config
|
||||
notify:
|
||||
- restart openvpn
|
||||
|
||||
when_string: "10.5" not in ${ansible_default_ipv4.address}
|
||||
|
||||
- name: enable openvpn service
|
||||
service: name=openvpn state=running enabled=true
|
||||
tags:
|
||||
- service
|
||||
when_string: "10.5" not in ${ansible_default_ipv4.address}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue