From 76ea7f67aed879e0a917b1775c2c3ab6d2d44f25 Mon Sep 17 00:00:00 2001 From: Jack Ivanov Date: Wed, 26 Oct 2016 18:56:23 +0300 Subject: [PATCH] extra vars added to use local DNS #110 --- algo | 2 +- config.cfg | 4 ---- roles/vpn/templates/ipsec.conf.j2 | 2 +- 3 files changed, 2 insertions(+), 6 deletions(-) diff --git a/algo b/algo index 1727abf..c24fe1e 100755 --- a/algo +++ b/algo @@ -19,7 +19,7 @@ read -p " Do you want to install a local DNS resolver to block ads while surfing? [y/N]: " -r dns_enabled dns_enabled=${dns_enabled:-n} -if [[ "$dns_enabled" =~ ^(y|Y)$ ]]; then ROLES+=" dns"; fi +if [[ "$dns_enabled" =~ ^(y|Y)$ ]]; then ROLES+=" dns"; EXTRA_VARS+=" local_dns=Y"; fi read -p " Do you want to use auditd for security monitoring (see config.cfg)? diff --git a/config.cfg b/config.cfg index c9cedd8..6db3c7e 100644 --- a/config.cfg +++ b/config.cfg @@ -27,10 +27,6 @@ vpn_network_ipv6: 'fd9d:bc11:4020::/48' server_name: "{{ ansible_ssh_host }}" IP_subject_alt_name: "{{ ansible_ssh_host }}" -# Enable this variable if you want to use a local DNS resolver to block ads while surfing. (True or False) -service_dns: True - -# If you don't want to use a local DNS resolver (option `service_dns`) you need to define DNS servers in this list. dns_servers: - 8.8.8.8 - 8.8.4.4 diff --git a/roles/vpn/templates/ipsec.conf.j2 b/roles/vpn/templates/ipsec.conf.j2 index fa29458..2bd6ad1 100644 --- a/roles/vpn/templates/ipsec.conf.j2 +++ b/roles/vpn/templates/ipsec.conf.j2 @@ -17,7 +17,7 @@ conn %default right=%any rightauth=pubkey rightsourceip={{ vpn_network }},{{ vpn_network_ipv6 }} -{% if service_dns is defined and service_dns == "Y" %} +{% if local_dns is defined and local_dns == "Y" %} rightdns={{ local_service_ip }} {% else %} rightdns={% for host in dns_servers %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}