fix: openvpn config

2025-12-06 09:01:38 +01:00 · 2024-07-20 12:21:59 +00:00
parent 708a996baf
commit 928e905fd7
3 changed files with 16 additions and 14 deletions
--- a/roles/openvpn/tasks/main.yaml
+++ b/roles/openvpn/tasks/main.yaml
@@ -12,13 +12,21 @@
  with_items:
    - atlantishq

+- name: Create OpenVPN config dirs
+  file:
+    dest: "/etc/openvpn/{{ item.name }}-{{ item.dev_type }}/"
+    state: directory
+  with_items:
+    - { "name" : "atlantishq", "dev_type" : "tap", "port" : 7012, "proto" : "tcp" }
+    - { "name" : "atlantishq", "dev_type" : "tun", "port" : 7013, "proto" : "tcp" }
+
 - name: Deploy OpenVPN configs
  template:
-    src: "{{ item }}.conf"
+    src: "{{ item.name }}.conf"
    dest: "/etc/openvpn/{{ item.name }}-{{ item.dev_type }}/{{ item.name }}-{{ item.dev_type }}.conf"
  with_items:
-    - { "name" : "atlantishq", "dev_type" : "tap", "port" : 7012 }
-    - { "name" : "atlantishq", "dev_type" : "tun", "port" : 7013 }
+    - { "name" : "atlantishq", "dev_type" : "tap", "port" : 7012, "proto" : "tcp" }
+    - { "name" : "atlantishq", "dev_type" : "tun", "port" : 7013, "proto" : "tcp" }

 - name: Openvpn Mgnt interface Pass file
  copy:
@@ -60,12 +68,6 @@
    src: "certificate-manager.yaml"
    dest: "/opt/certificate-manager/"

- name: Log into private registry
-  docker_login:
-    registry: registry.atlantishq.de
-    username: docker
-    password: HISTORY_PURGED_SECRET
-
 - name: Deploy compose templates
  community.docker.docker_compose:
    project_src: "/opt/certificate-manager/"
--- a/roles/openvpn/templates/atlantishq.conf
+++ b/roles/openvpn/templates/atlantishq.conf
@@ -2,12 +2,12 @@ server 172.16.1.0 255.255.255.0
 #server-ipv6 fd2a:aef:608:1::/64

 dev athq_sheppyvpn
-dev-type {{ dev_type }}
+dev-type {{ item.dev_type }}

-proto {{ proto }}
-port {{ port }}
+proto {{ item.proto }}
+port {{ item.port }}

-{% if dev_type == "tap" %}
+{% if item.dev_type == "tap" %}
 topology subnet
 client-to-client
 {% endif %}
--- a/roles/openvpn/templates/certificate-manager.yaml
+++ b/roles/openvpn/templates/certificate-manager.yaml
@@ -1,5 +1,5 @@
 certificate-manager:
-    image: registry.atlantishq.de/certificate-manager:latest
+    image: harbor-registry.atlantishq.de/atlantishq/certificate-manager:latest
    restart: always
    ports:
        - 6000:5000