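---
# Salt state for OpenVPN servers.
# For every instance in the openvpn_server map this renders
# /etc/openvpn/<instance>.conf from a per-instance Jinja template and then
# creates one system account per entry in the matching openvpn_client
# remote_hosts list.
{%- from "openvpn_server/map.jinja" import openvpn_server with context %}
{%- from "openvpn_client/map.jinja" import openvpn_client with context %}
{%- for key, instance in openvpn_server.config.items() %}
openvpn-server-{{ key }}-config:
  file.managed:
  - name: /etc/openvpn/{{ key }}.conf
  - source: salt://openvpn_server/templates/{{ key }}.conf.j2
  - user: root
  - group: root
  # Quoted so the leading zero is never subject to YAML integer parsing.
  - mode: '0600'
  - template: jinja
  # The rendered file embeds the server private key. Without this, the
  # unified diff of the old and new file is part of the state return.
  - show_changes: False
  # ca/cert/key/dh are passed as block scalars; indent(8) keeps the
  # continuation lines of the PEM data aligned with the first line.
  # NOTE(review): routes/config/tunnel/dns are rendered via their Python
  # repr and re-parsed as YAML flow syntax - values such as None may not
  # survive the round trip; confirm, and consider a JSON filter.
  - context:
      ca: |
        {{ instance.ca|indent(8) }}
      cert: |
        {{ instance.cert|indent(8) }}
      key: |
        {{ instance.key|indent(8) }}
      dh: |
        {{ instance.dh|indent(8) }}
      routes: {{ instance.routes }}
      config: {{ instance.config }}
      tunnel: {{ instance.tunnel }}
      dns: {{ instance.dns }}
  - watch_in:
    - service: openvpn-server-{{ key }}-service

# Accounts for the clients of this instance. The shell is /sbin/nologin, so
# the accounts cannot be used for an interactive login.
# The password arrives in clear text from the openvpn_client map and is
# hashed by user.present (hash_password). It is emitted as a double-quoted
# YAML scalar so that characters such as '#', ':' or a leading '*' cannot
# truncate or retype the value during YAML parsing.
# NOTE(review): assumes openvpn_client.config has an entry for every server
# instance, and that a user name is not listed under two instances (the
# state ID would then repeat) - confirm against the map data.
{% for user in openvpn_client.config[key].remote_hosts -%}
openvpn-server-user-{{ user.name }}:
  user.present:
  - name: {{ user.name }}
  - password: {{ user.password | yaml_dquote }}
  - hash_password: true
  - shell: /sbin/nologin
{% endfor -%}
{%- endfor %}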