Initial support for Ubuntu 20.04 (#1770)

This commit is contained in:
David Myers 2020-04-25 12:42:07 -04:00 committed by GitHub
parent e29615bc05
commit eeda23be97
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 6 additions and 5 deletions

View file

@ -3,6 +3,7 @@ ipsec_config_path: "configs/{{ IP_subject_alt_name }}/ipsec/"
ipsec_pki_path: "{{ ipsec_config_path }}/.pki/" ipsec_pki_path: "{{ ipsec_config_path }}/.pki/"
strongswan_shell: /usr/sbin/nologin strongswan_shell: /usr/sbin/nologin
strongswan_home: /var/lib/strongswan strongswan_home: /var/lib/strongswan
strongswan_service: "{{ 'strongswan-starter' if ansible_distribution_major_version|int > 19 else 'strongswan' }}"
BetweenClients_DROP: true BetweenClients_DROP: true
algo_ondemand_cellular: false algo_ondemand_cellular: false
algo_ondemand_wifi: false algo_ondemand_wifi: false

View file

@ -1,5 +1,5 @@
- name: restart strongswan - name: restart strongswan
service: name=strongswan state=restarted service: name={{ strongswan_service }} state=restarted
- name: daemon-reload - name: daemon-reload
systemd: daemon_reload=true systemd: daemon_reload=true

View file

@ -24,7 +24,7 @@
- name: strongSwan started - name: strongSwan started
service: service:
name: strongswan name: "{{ strongswan_service }}"
state: started state: started
enabled: true enabled: true

View file

@ -35,12 +35,12 @@
service: name={{ item }} enabled=yes service: name={{ item }} enabled=yes
with_items: with_items:
- apparmor - apparmor
- strongswan - "{{ strongswan_service }}"
- netfilter-persistent - netfilter-persistent
- name: Ubuntu | Ensure that the strongswan service directory exists - name: Ubuntu | Ensure that the strongswan service directory exists
file: file:
path: /etc/systemd/system/strongswan.service.d/ path: /etc/systemd/system/{{ strongswan_service }}.service.d/
state: directory state: directory
mode: 0755 mode: 0755
owner: root owner: root
@ -49,7 +49,7 @@
- name: Ubuntu | Setup the cgroup limitations for the ipsec daemon - name: Ubuntu | Setup the cgroup limitations for the ipsec daemon
template: template:
src: 100-CustomLimitations.conf.j2 src: 100-CustomLimitations.conf.j2
dest: /etc/systemd/system/strongswan.service.d/100-CustomLimitations.conf dest: /etc/systemd/system/{{ strongswan_service }}.service.d/100-CustomLimitations.conf
notify: notify:
- daemon-reload - daemon-reload
- restart strongswan - restart strongswan