Refactor lmn_vpn role
- Separate `lmn_vpn` from `lmn_teacherlaptop`. - Implement a check for the availability of the wireguard-server during the wg-config rollout. - Enhance variable support with a standardized naming schema: - VPN selection via `vpn` variable (`none`, `wg`). - Wireguard configuration (endpoint, allowed IPs, ip_cdr, dns, searchpath). - Run wg-config role in separate play with serial 1 to avoid conflicts, when the role attempts to determine the next free Wireguard IP on the server when role try to Add a check to verify if the radius certificate is revoked. - Ensure required packages and services are only installed and configured if the `vpn` variable is set. - Provide documentation for `lmn_vpn` module.
This commit is contained in:
parent
a68aaeb81c
commit
f1cb7486a5
11 changed files with 676 additions and 580 deletions
|
@ -1,26 +0,0 @@
|
|||
[connection]
|
||||
id=VPN-Schule
|
||||
type=wireguard
|
||||
autoconnect=false
|
||||
interface-name=wg0
|
||||
|
||||
[wireguard]
|
||||
listen-port=51820
|
||||
private-key={{ wg_privatekey }}
|
||||
mtu=1280
|
||||
|
||||
[wireguard-peer.{{ wg_serverpublickey }}]
|
||||
endpoint={{ wg_endpoint }}
|
||||
allowed-ips={{ wg_allowed_ips }}
|
||||
|
||||
[ipv4]
|
||||
address1={{ wg_ip }}/{{ wg_ip_cdr }}
|
||||
dns={{ wg_dns }}
|
||||
dns-search={{ wg_dns_search }}
|
||||
method=manual
|
||||
|
||||
[ipv6]
|
||||
addr-gen-mode=stable-privacy
|
||||
method=ignore
|
||||
|
||||
[proxy]
|
Loading…
Add table
Add a link
Reference in a new issue