Refactor lmn_wlan role
- Consolidate `lmn_wlan`, `lmn_wlan_nm`, and `lmn_wlan_8021x` into single `lmn_wlan` role.
- Implement a check for the availability of the radius-server during the EAP-TLS rollout.
- Enhance variable support with a standardized naming schema:
- Mode selection via `wlan` variable (`none`, `psk`, `eap-tls`).
- EAP-TLS CA configuration (CA information, email address, CA password).
- Introduce a switch to force the (re-)issue of existing certificates.
- PSK configuration through `wlan_ssid` and `wlan_password`.
- Add a check to verify if the radius certificate is revoked.
- Ensure required packages and services are only installed and configured if the `wifi` variable is set.
This commit is contained in:
Finn Hercke
parent
9f1c60eefd
commit
a68aaeb81c
9 changed files with 561 additions and 538 deletions
13
roles/lmn_wlan/defaults/main.yaml
Normal file
13
roles/lmn_wlan/defaults/main.yaml
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
wlan: none
|
||||
wlan_force_issue: false
|
||||
wlan_ssid: "Linux-Wlan"
|
||||
wlan_password: "VerySecurePassw0rd"
|
||||
wlan_eap_ca:
|
||||
C: "DE"
|
||||
ST: "Baden-Wuerttemberg"
|
||||
L: "Reutlingen"
|
||||
O: "Linuxschule"
|
||||
emailAddress: "admin@example.com"
|
||||
CN: "Radius Certificate Authority"
|
||||
password: "OtherVerySecurePassw0rd"
|
||||
Loading…
Add table
Add a link
Reference in a new issue