wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-09-06 20:13:11 +02:00
Code Issues Projects Releases Wiki Activity

Fix ip

Browse source
This commit is contained in:
Ernesto Serrano 2018-03-26 09:52:34 +02:00
parent 56196d65f0
commit a99fb0ee41
2 changed files with 16 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
roles/vpn/tasks/client_configs.yml
View file

@ -4,18 +4,18 @@
shell: cat private/{{ item }}.p12 | base64 shell: cat private/{{ item }}.p12 | base64
register: PayloadContent register: PayloadContent
args: args:
chdir: "configs/{{ IP_subject_alt_name }}/pki/" chdir: "configs/{{ DNS_subject_alt_name }}/pki/"
with_items: "{{ users }}" with_items: "{{ users }}"
- name: Set facts for mobileconfigs - name: Set facts for mobileconfigs
set_fact: set_fact:
proxy_enabled: false proxy_enabled: false
PayloadContentCA: "{{ lookup('file' , 'configs/{{ IP_subject_alt_name }}/pki/cacert.pem')|b64encode }}" PayloadContentCA: "{{ lookup('file' , 'configs/{{ DNS_subject_alt_name }}/pki/cacert.pem')|b64encode }}"
- name: Build the mobileconfigs - name: Build the mobileconfigs
template: template:
src: mobileconfig.j2 src: mobileconfig.j2
dest: configs/{{ IP_subject_alt_name }}/{{ item.0 }}.mobileconfig dest: configs/{{ DNS_subject_alt_name }}/{{ item.0 }}.mobileconfig
mode: 0600 mode: 0600
with_together: with_together:
- "{{ users }}" - "{{ users }}"
@ -25,7 +25,7 @@
- name: Build the strongswan app android config - name: Build the strongswan app android config
template: template:
src: sswan.j2 src: sswan.j2
dest: configs/{{ IP_subject_alt_name }}/android_{{ item.0 }}.sswan dest: configs/{{ DNS_subject_alt_name }}/android_{{ item.0 }}.sswan
mode: 0600 mode: 0600
with_together: with_together:
- "{{ users }}" - "{{ users }}"
@ -35,7 +35,7 @@
- name: Build the android helper html - name: Build the android helper html
template: template:
src: android_html_helper.j2 src: android_html_helper.j2
dest: configs/{{ IP_subject_alt_name }}/android_{{ item.0 }}_helper.html dest: configs/{{ DNS_subject_alt_name }}/android_{{ item.0 }}_helper.html
mode: 0600 mode: 0600
with_together: with_together:
- "{{ users }}" - "{{ users }}"
@ -44,7 +44,7 @@
- name: Build the client ipsec config file - name: Build the client ipsec config file
template: template:
src: client_ipsec.conf.j2 src: client_ipsec.conf.j2
dest: configs/{{ IP_subject_alt_name }}/ipsec_{{ item }}.conf dest: configs/{{ DNS_subject_alt_name }}/ipsec_{{ item }}.conf
mode: 0600 mode: 0600
with_items: with_items:
- "{{ users }}" - "{{ users }}"
@ -52,7 +52,7 @@
- name: Build the client ipsec secret file - name: Build the client ipsec secret file
template: template:
src: client_ipsec.secrets.j2 src: client_ipsec.secrets.j2
dest: configs/{{ IP_subject_alt_name }}/ipsec_{{ item }}.secrets dest: configs/{{ DNS_subject_alt_name }}/ipsec_{{ item }}.secrets
mode: 0600 mode: 0600
with_items: with_items:
- "{{ users }}" - "{{ users }}"
@ -60,18 +60,18 @@
- name: Create the windows check file - name: Create the windows check file
file: file:
state: touch state: touch
path: configs/{{ IP_subject_alt_name }}/.supports_windows path: configs/{{ DNS_subject_alt_name }}/.supports_windows
when: Win10_Enabled is defined and Win10_Enabled == "Y" when: Win10_Enabled is defined and Win10_Enabled == "Y"
- name: Check if the windows check file exists - name: Check if the windows check file exists
stat: stat:
path: configs/{{ IP_subject_alt_name }}/.supports_windows path: configs/{{ DNS_subject_alt_name }}/.supports_windows
register: supports_windows register: supports_windows
- name: Build the windows client powershell script - name: Build the windows client powershell script
template: template:
src: client_windows.ps1.j2 src: client_windows.ps1.j2
dest: configs/{{ IP_subject_alt_name }}/windows_{{ item }}.ps1 dest: configs/{{ DNS_subject_alt_name }}/windows_{{ item }}.ps1
mode: 0600 mode: 0600
when: Win10_Enabled is defined and Win10_Enabled == "Y" or supports_windows.stat.exists == true when: Win10_Enabled is defined and Win10_Enabled == "Y" or supports_windows.stat.exists == true
with_items: "{{ users }}" with_items: "{{ users }}"
@ -82,4 +82,4 @@
state: directory state: directory
mode: 0700 mode: 0700
with_items: with_items:
- configs/{{ IP_subject_alt_name }} - configs/{{ DNS_subject_alt_name }}

10
roles/vpn/tasks/distribute_keys.yml
View file

@ -8,18 +8,18 @@
group: "{{ item.group }}" group: "{{ item.group }}"
mode: "{{ item.mode }}" mode: "{{ item.mode }}"
with_items: with_items:
- src: "configs/{{ IP_subject_alt_name }}/pki/cacert.pem" - src: "configs/{{ DNS_subject_alt_name }}/pki/cacert.pem"
dest: "{{ config_prefix|default('/') }}etc/ipsec.d/cacerts/ca.crt" dest: "{{ config_prefix|default('/') }}etc/ipsec.d/cacerts/ca.crt"
owner: strongswan owner: strongswan
group: "{{ root_group|default('root') }}" group: "{{ root_group|default('root') }}"
mode: "0600" mode: "0600"
- src: "configs/{{ IP_subject_alt_name }}/pki/certs/{{ IP_subject_alt_name }}.crt" - src: "configs/{{ DNS_subject_alt_name }}/pki/certs/{{ DNS_subject_alt_name }}.crt"
dest: "{{ config_prefix|default('/') }}etc/ipsec.d/certs/{{ IP_subject_alt_name }}.crt" dest: "{{ config_prefix|default('/') }}etc/ipsec.d/certs/{{ DNS_subject_alt_name }}.crt"
owner: strongswan owner: strongswan
group: "{{ root_group|default('root') }}" group: "{{ root_group|default('root') }}"
mode: "0600" mode: "0600"
- src: "configs/{{ IP_subject_alt_name }}/pki/private/{{ IP_subject_alt_name }}.key" - src: "configs/{{ DNS_subject_alt_name }}/pki/private/{{ DNS_subject_alt_name }}.key"
dest: "{{ config_prefix|default('/') }}etc/ipsec.d/private/{{ IP_subject_alt_name }}.key" dest: "{{ config_prefix|default('/') }}etc/ipsec.d/private/{{ DNS_subject_alt_name }}.key"
owner: strongswan owner: strongswan
group: "{{ root_group|default('root') }}" group: "{{ root_group|default('root') }}"
mode: "0600" mode: "0600"