Merge branch 'master' into dependabot/pip/ansible-9.4.0

config.cfg

@@ -206,7 +206,7 @@ cloud_providers:
     image: Ubuntu 22.04 Jammy Jellyfish
     arch: x86_64
   hetzner:
-    server_type: cx11
+    server_type: cx22
     image: ubuntu-22.04
   openstack:
     flavor_ram: ">=512"

docs/deploy-from-cloudshell.md

@@ -1,5 +1,4 @@
 # Deploy from Google Cloud Shell
-**IMPORTANT NOTE: As of 2021-12-14 Algo requires Python 3.8, but Google Cloud Shell only provides Python 3.7.3. The instructions below will not work until Google updates Cloud Shell to have at least Python 3.8.**
 
 If you want to try Algo but don't wish to install the software on your own system you can use the **free** [Google Cloud Shell](https://cloud.google.com/shell/) to deploy a VPN to any supported cloud provider. Note that you cannot choose `Install to existing Ubuntu server` to turn Google Cloud Shell into your VPN server.
 

roles/cloud-vultr/tasks/prompts.yml

@@ -54,5 +54,5 @@
   set_fact:
     algo_vultr_region: >-
       {% if region is defined %}{{ region }}
-      {%- elif _algo_region.user_input %}{{ vultr_regions[_algo_region.user_input | int -1 ]['name'] | lower }}
+      {%- elif _algo_region.user_input %}{{ vultr_regions[_algo_region.user_input | int -1 ]['regioncode'] | lower }}
       {%- else %}{{ vultr_regions[default_region | int - 1]['regioncode'] | lower }}{% endif %}

roles/strongswan/tasks/openssl.yml

@@ -155,10 +155,25 @@
         format: OpenSSH
       with_items: "{{ users }}"
 
+    - name: Get OpenSSL version
+      shell: |
+        set -o pipefail
+        {{ openssl_bin }} version |
+        cut -f 2 -d ' '
+      args:
+        executable: bash
+      register: ssl_version
+      run_once: true
+
+    - name: Set OpenSSL version fact
+      set_fact:
+        openssl_version: "{{ ssl_version.stdout }}"
+
     - name: Build the client's p12
       shell: >
         umask 077;
         {{ openssl_bin }} pkcs12
+        {{ (openssl_version is version('3', '>=')) | ternary('-legacy', '') }}
         -in certs/{{ item }}.crt
         -inkey private/{{ item }}.key
         -export
@@ -175,6 +190,7 @@
       shell: >
         umask 077;
         {{ openssl_bin }} pkcs12
+        {{ (openssl_version is version('3', '>=')) | ternary('-legacy', '') }}
         -in certs/{{ item }}.crt
         -inkey private/{{ item }}.key
         -export

users.yml

@@ -25,18 +25,17 @@
           set_fact:
             server_list: >-
               [{% for i in _configs_list.files %}
-                {% set config  = lookup('file', i.path)|from_yaml %}
+                {% set config = lookup('file', i.path) | from_yaml %}
-                '{{ config.server }}'
+                {{ {'server': config.server, 'IP_subject_alt_name': config.IP_subject_alt_name} }}
-                {{ ',' if not loop.last else '' }}
               {% endfor %}]
 
         - name: Server address prompt
           pause:
             prompt: |
-              Select the server to update user list below:
+              Select the server to update user list below: 
                 {% for r in server_list %}
-                {{ loop.index }}. {{ r }}
+                  {{ loop.index }}. {{ r.server }} ({{ r.IP_subject_alt_name }})
-                {% endfor %}
+              {% endfor %}
           register: _server
       when: server is undefined
 
@@ -45,7 +44,7 @@
           set_fact:
             algo_server: >-
               {% if server is defined %}{{ server }}
-              {%- elif _server.user_input %}{{ server_list[_server.user_input | int -1 ] }}
+              {%- elif _server.user_input %}{{ server_list[_server.user_input | int -1 ].server }}
               {%- else %}omit{% endif %}
 
         - name: Import host specific variables