feat: openvpn & cert manager

2025-12-10 02:58:33 +01:00 · 2023-05-29 12:33:06 +00:00
parent 5cb291bdfd
commit 3347feee8f
6 changed files with 165 additions and 0 deletions
--- a/roles/openvpn/tasks/main.yaml
+++ b/roles/openvpn/tasks/main.yaml
@@ -0,0 +1,75 @@
+- name: Install VPNs
+  apt:
+    state: present
+    pkg:
+        - openvpn
+        - docker-compose
+
+- name: OpenVPN configs dirs
+  file:
+    name: "/etc/openvpn/{{ item }}"
+    state: directory
+  with_items:
+    - atlantishq
+
+- name: Deploy OpenVPN configs
+  template:
+    src: "{{ item }}.conf"
+    dest: "/etc/openvpn/{{ item }}/"
+  with_items:
+    - atlantishq
+
+- name: Openvpn Mgnt interface Pass file
+  copy:
+    content: "{{ openvpn_management_password }}"
+    dest: "/etc/openvpn/{{ openvpn_management_passfile }}"
+
+- name: Create data-dir
+  file:
+    name: /data/
+    state: directory
+
+- name: Create data-dir (client-config-dir)
+  file:
+    name: /data/certificate-manager/client-config-dir/
+    state: directory
+
+- name: Create opt-dir
+  file:
+    name: /opt/
+    state: directory
+
+- name: Certificate Manager Data Dir
+  file:
+    name: /data/certificate-manager/
+    state: directory
+
+- name: Cert Manager Config
+  template:
+    src: cert-manager-conf.py
+    dest: /data/certificate-manager/config.py
+  notify:
+    - reload async icinga settings
+
+- name: Create compose directories
+  file:
+    name: "/opt/certificate-manager/"
+    state: directory
+
+- name: Copy compose templates
+  template:
+    src: "certificate-manager.yaml"
+    dest: "/opt/certificate-manager/"
+
+- name: Log into private registry
+  docker_login:
+    registry: registry.atlantishq.de
+    username: docker
+    password: HISTORY_PURGED_SECRET
+
+- name: Deploy compose templates
+  community.docker.docker_compose:
+    project_src: "/opt/certificate-manager/"
+    pull: true
+    files:
+      - "certificate-manager.yaml"