diff --git a/roles/vpn/tasks/client_configs.yml b/roles/vpn/tasks/client_configs.yml index ea1621a2..21f52cf5 100644 --- a/roles/vpn/tasks/client_configs.yml +++ b/roles/vpn/tasks/client_configs.yml @@ -4,18 +4,18 @@ shell: cat private/{{ item }}.p12 | base64 register: PayloadContent args: - chdir: "configs/{{ IP_subject_alt_name }}/pki/" + chdir: "configs/{{ DNS_subject_alt_name }}/pki/" with_items: "{{ users }}" - name: Set facts for mobileconfigs set_fact: proxy_enabled: false - PayloadContentCA: "{{ lookup('file' , 'configs/{{ IP_subject_alt_name }}/pki/cacert.pem')|b64encode }}" + PayloadContentCA: "{{ lookup('file' , 'configs/{{ DNS_subject_alt_name }}/pki/cacert.pem')|b64encode }}" - name: Build the mobileconfigs template: src: mobileconfig.j2 - dest: configs/{{ IP_subject_alt_name }}/{{ item.0 }}.mobileconfig + dest: configs/{{ DNS_subject_alt_name }}/{{ item.0 }}.mobileconfig mode: 0600 with_together: - "{{ users }}" @@ -25,7 +25,7 @@ - name: Build the strongswan app android config template: src: sswan.j2 - dest: configs/{{ IP_subject_alt_name }}/android_{{ item.0 }}.sswan + dest: configs/{{ DNS_subject_alt_name }}/android_{{ item.0 }}.sswan mode: 0600 with_together: - "{{ users }}" @@ -35,7 +35,7 @@ - name: Build the android helper html template: src: android_html_helper.j2 - dest: configs/{{ IP_subject_alt_name }}/android_{{ item.0 }}_helper.html + dest: configs/{{ DNS_subject_alt_name }}/android_{{ item.0 }}_helper.html mode: 0600 with_together: - "{{ users }}" @@ -44,7 +44,7 @@ - name: Build the client ipsec config file template: src: client_ipsec.conf.j2 - dest: configs/{{ IP_subject_alt_name }}/ipsec_{{ item }}.conf + dest: configs/{{ DNS_subject_alt_name }}/ipsec_{{ item }}.conf mode: 0600 with_items: - "{{ users }}" @@ -52,7 +52,7 @@ - name: Build the client ipsec secret file template: src: client_ipsec.secrets.j2 - dest: configs/{{ IP_subject_alt_name }}/ipsec_{{ item }}.secrets + dest: configs/{{ DNS_subject_alt_name }}/ipsec_{{ item }}.secrets mode: 0600 with_items: - "{{ users }}" @@ -60,18 +60,18 @@ - name: Create the windows check file file: state: touch - path: configs/{{ IP_subject_alt_name }}/.supports_windows + path: configs/{{ DNS_subject_alt_name }}/.supports_windows when: Win10_Enabled is defined and Win10_Enabled == "Y" - name: Check if the windows check file exists stat: - path: configs/{{ IP_subject_alt_name }}/.supports_windows + path: configs/{{ DNS_subject_alt_name }}/.supports_windows register: supports_windows - name: Build the windows client powershell script template: src: client_windows.ps1.j2 - dest: configs/{{ IP_subject_alt_name }}/windows_{{ item }}.ps1 + dest: configs/{{ DNS_subject_alt_name }}/windows_{{ item }}.ps1 mode: 0600 when: Win10_Enabled is defined and Win10_Enabled == "Y" or supports_windows.stat.exists == true with_items: "{{ users }}" @@ -82,4 +82,4 @@ state: directory mode: 0700 with_items: - - configs/{{ IP_subject_alt_name }} + - configs/{{ DNS_subject_alt_name }} diff --git a/roles/vpn/tasks/distribute_keys.yml b/roles/vpn/tasks/distribute_keys.yml index d50ecfa4..620cc547 100644 --- a/roles/vpn/tasks/distribute_keys.yml +++ b/roles/vpn/tasks/distribute_keys.yml @@ -8,18 +8,18 @@ group: "{{ item.group }}" mode: "{{ item.mode }}" with_items: - - src: "configs/{{ IP_subject_alt_name }}/pki/cacert.pem" + - src: "configs/{{ DNS_subject_alt_name }}/pki/cacert.pem" dest: "{{ config_prefix|default('/') }}etc/ipsec.d/cacerts/ca.crt" owner: strongswan group: "{{ root_group|default('root') }}" mode: "0600" - - src: "configs/{{ IP_subject_alt_name }}/pki/certs/{{ IP_subject_alt_name }}.crt" - dest: "{{ config_prefix|default('/') }}etc/ipsec.d/certs/{{ IP_subject_alt_name }}.crt" + - src: "configs/{{ DNS_subject_alt_name }}/pki/certs/{{ DNS_subject_alt_name }}.crt" + dest: "{{ config_prefix|default('/') }}etc/ipsec.d/certs/{{ DNS_subject_alt_name }}.crt" owner: strongswan group: "{{ root_group|default('root') }}" mode: "0600" - - src: "configs/{{ IP_subject_alt_name }}/pki/private/{{ IP_subject_alt_name }}.key" - dest: "{{ config_prefix|default('/') }}etc/ipsec.d/private/{{ IP_subject_alt_name }}.key" + - src: "configs/{{ DNS_subject_alt_name }}/pki/private/{{ DNS_subject_alt_name }}.key" + dest: "{{ config_prefix|default('/') }}etc/ipsec.d/private/{{ DNS_subject_alt_name }}.key" owner: strongswan group: "{{ root_group|default('root') }}" mode: "0600"