From f8db81fa8bc0a613d14e9708a76330fb6dabc860 Mon Sep 17 00:00:00 2001 From: Jack Ivanov Date: Mon, 25 Feb 2019 15:20:13 +0100 Subject: [PATCH] Modify naming in the cloud resources and client config files --- roles/cloud-azure/tasks/main.yml | 4 +-- roles/cloud-ec2/files/stack.yml | 28 ++++++------------- roles/cloud-gce/tasks/main.yml | 6 ++-- .../templates/client_windows.ps1.j2 | 2 +- roles/strongswan/templates/mobileconfig.j2 | 12 ++++---- 5 files changed, 20 insertions(+), 32 deletions(-) diff --git a/roles/cloud-azure/tasks/main.yml b/roles/cloud-azure/tasks/main.yml index 38adc741..29682bb0 100644 --- a/roles/cloud-azure/tasks/main.yml +++ b/roles/cloud-azure/tasks/main.yml @@ -16,13 +16,13 @@ - name: Create AlgoVPN Server azure_rm_deployment: state: present - deployment_name: "AlgoVPN-{{ algo_server_name }}" + deployment_name: "{{ algo_server_name }}" template: "{{ lookup('file', 'deployment.json') }}" secret: "{{ secret }}" tenant: "{{ tenant }}" client_id: "{{ client_id }}" subscription_id: "{{ subscription_id }}" - resource_group_name: "AlgoVPN-{{ algo_server_name }}" + resource_group_name: "{{ algo_server_name }}" parameters: AlgoServerName: value: "{{ algo_server_name }}" diff --git a/roles/cloud-ec2/files/stack.yml b/roles/cloud-ec2/files/stack.yml index 3660613b..829a2cb3 100644 --- a/roles/cloud-ec2/files/stack.yml +++ b/roles/cloud-ec2/files/stack.yml @@ -21,9 +21,7 @@ Resources: InstanceTenancy: default Tags: - Key: Name - Value: Algo - - Key: Environment - Value: Algo + Value: !Ref AWS::StackName VPCIPv6: Type: AWS::EC2::VPCCidrBlock 
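Review bot: With the `AlgoVPN-` prefix dropped, `resource_group_name` and `deployment_name` in the `Create AlgoVPN Server` task are exactly whatever `algo_server_name` holds, so a server name that matches a resource group already present in the subscription would presumably have `state: present` deploy into that existing group. If teardown later removes the group by name (not visible in this hunk), unrelated resources would go with it. Consider keeping a fixed namespace prefix, or adding a preceding task that fails when the group already exists without an Algo marker. At minimum, document the constraint with a comment such as `# algo_server_name must not match an existing resource group in this subscription`. The task body continues past the end of the hunk.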
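Review bot: Removing the `Environment: Algo` tag from the VPC in this hunk, and from the tagged resources in the five later hunks of `roles/cloud-ec2/files/stack.yml`, leaves the stack's resources with no constant marker, because `Name` now varies per stack. Any inventory query, cost report or tag-conditioned IAM policy that selects on `Environment=Algo` would silently stop matching, although no such consumer is visible in this diff. The GCE role touched by the same commit still tags its instance `environment-algo`, so the providers now disagree. Keeping the constant tag next to the new name, `- Key: Environment` / `Value: Algo`, preserves both.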
@@ -35,22 +33,18 @@ Resources: Type: AWS::EC2::InternetGateway Properties: Tags: - - Key: Environment - Value: Algo - Key: Name - Value: Algo + Value: !Ref AWS::StackName Subnet: Type: AWS::EC2::Subnet Properties: CidrBlock: 172.16.254.0/23 MapPublicIpOnLaunch: false - Tags: - - Key: Environment - Value: Algo - - Key: Name - Value: Algo VpcId: !Ref VPC + Tags: + - Key: Name + Value: !Ref AWS::StackName VPCGatewayAttachment: Type: AWS::EC2::VPCGatewayAttachment @@ -63,10 +57,8 @@ Resources: Properties: VpcId: !Ref VPC Tags: - - Key: Environment - Value: Algo - Key: Name - Value: Algo + Value: !Ref AWS::StackName Route: Type: AWS::EC2::Route @@ -140,9 +132,7 @@ Resources: CidrIp: 0.0.0.0/0 Tags: - Key: Name - Value: Algo - - Key: Environment - Value: Algo + Value: !Ref AWS::StackName EC2Instance: Type: AWS::EC2::Instance @@ -181,9 +171,7 @@ Resources: cfn-signal -e $? --stack ${AWS::StackName} --resource EC2Instance --region ${AWS::Region} Tags: - Key: Name - Value: Algo - - Key: Environment - Value: Algo + Value: !Ref AWS::StackName ElasticIP: Type: AWS::EC2::EIP diff --git a/roles/cloud-gce/tasks/main.yml b/roles/cloud-gce/tasks/main.yml index e04b3d80..baa5f469 100644 --- a/roles/cloud-gce/tasks/main.yml +++ b/roles/cloud-gce/tasks/main.yml @@ -8,8 +8,8 @@ - name: Network configured gce_net: - name: "algo-net-{{ algo_server_name }}" - fwname: "algo-net-{{ algo_server_name }}-fw" + name: "{{ algo_server_name }}" + fwname: "{{ algo_server_name }}-fw" allowed: "udp:500,4500,{{ wireguard_port }};tcp:22" state: "present" mode: auto @@ -45,7 +45,7 @@ credentials_file: "{{ credentials_file_path }}" project_id: "{{ project_id }}" metadata: '{"ssh-keys":"ubuntu:{{ ssh_public_key_lookup }}"}' - network: "algo-net-{{ algo_server_name }}" + network: "{{ algo_server_name }}" tags: - "environment-algo" register: google_vm diff --git a/roles/strongswan/templates/client_windows.ps1.j2 b/roles/strongswan/templates/client_windows.ps1.j2 index e1021bbe..da53383f 100644 
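Review bot: The `gce_net` task now passes `algo_server_name` unprefixed as the network name and as the stem of `fwname`. A name equal to a network that already exists in the project would presumably make `state: "present"` attach the `udp:500,4500,{{ wireguard_port }};tcp:22` rule to that shared network instead of a dedicated one. The old `algo-net-` prefix also guaranteed a leading lowercase letter, which GCE network names require, so a server name starting with a digit or containing uppercase characters or dots will now be rejected by the API. The same applies to `network: "{{ algo_server_name }}"` in the second hunk of this file. Either keep a fixed prefix or validate the name before this task, e.g. an `assert` with `algo_server_name is match('^[a-z][-a-z0-9]*$')`.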
--- a/roles/strongswan/templates/client_windows.ps1.j2 +++ b/roles/strongswan/templates/client_windows.ps1.j2 @@ -85,7 +85,7 @@ Save the embedded CA cert and encrypted user PKCS12 file. $ErrorActionPreference = "Stop" $VpnServerAddress = "{{ IP_subject_alt_name }}" -$VpnName = "Algo VPN {{ IP_subject_alt_name }} IKEv2" +$VpnName = "AlgoVPN {{ algo_server_name }} IKEv2" $VpnUser = "{{ item.0 }}" $CaCertificateBase64 = "{{ PayloadContentCA }}" $UserPkcs12Base64 = "{{ item.1.stdout }}" diff --git a/roles/strongswan/templates/mobileconfig.j2 b/roles/strongswan/templates/mobileconfig.j2 index b48500c2..cb887c6d 100644 --- a/roles/strongswan/templates/mobileconfig.j2 +++ b/roles/strongswan/templates/mobileconfig.j2 @@ -112,7 +112,7 @@ PayloadDescription Configures VPN settings PayloadDisplayName - VPN + {{ algo_server_name }} PayloadIdentifier com.apple.vpn.managed.{{ VPN_PayloadIdentifier }} PayloadType @@ -129,7 +129,7 @@ 0 UserDefinedName - Algo VPN {{ IP_subject_alt_name }} IKEv2 + AlgoVPN {{ algo_server_name }} IKEv2 VPNType IKEv2 @@ -145,7 +145,7 @@ PayloadDescription Adds a PKCS#12-formatted certificate PayloadDisplayName - {{ item.0 }}.p12 + {{ algo_server_name }} PayloadIdentifier com.apple.security.pkcs12.{{ pkcs12_PayloadCertificateUUID }} PayloadType @@ -165,7 +165,7 @@ PayloadDescription Adds a CA root certificate PayloadDisplayName - {{ IP_subject_alt_name }} + {{ algo_server_name }} PayloadIdentifier com.apple.security.root.{{ CA_PayloadIdentifier }} PayloadType @@ -177,11 +177,11 @@ PayloadDisplayName - {{ IP_subject_alt_name }} IKEv2 + AlgoVPN {{ algo_server_name }} IKEv2 PayloadIdentifier donut.local.{{ 500000 | random | to_uuid | upper }} PayloadOrganization - Algo VPN + AlgoVPN PayloadRemovalDisallowed PayloadType
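Review bot: `$VpnName` now embeds `{{ algo_server_name }}`, a free-form name, inside a double-quoted PowerShell string where the previous value was the server address. PowerShell expands `$` and backtick sequences inside double quotes, and a `"` in the name ends the literal early. Whether the name is restricted elsewhere is not visible in this hunk. A single-quoted literal with embedded quotes doubled avoids any interpretation: `$VpnName = 'AlgoVPN {{ algo_server_name | replace("'", "''") }} IKEv2'`. Two servers deployed under the same name will also now produce the same connection name on a client, which is worth a comment next to the assignment.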
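Review bot: `{{ algo_server_name }}` is rendered into the profile's `PayloadDisplayName` without XML escaping, so a name containing `&` or `<` would produce a profile that fails to parse or import. This applies to every hunk in `mobileconfig.j2`, covering `UserDefinedName` and the other `PayloadDisplayName` values. Use `{{ algo_server_name | e }}` at each site unless the name is already validated to a safe character set somewhere outside this diff. The markup around these values is not visible on the page, so the element context is inferred from the key names.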
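Review bot: In the hunk at new line 145, the PKCS#12 payload's `PayloadDisplayName` changes from `{{ item.0 }}.p12` to `{{ algo_server_name }}`, and the VPN and CA root payloads in the neighbouring hunks get the same value. The three payloads are then indistinguishable by name when a user reviews the profile before installing or removing it. Being able to tell which entry installs a trusted root certificate matters at that moment. Suggest labels that keep the role visible, e.g. `{{ algo_server_name }} user certificate ({{ item.0 }})` and `{{ algo_server_name }} CA`.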