From 47da4c089158df66ae75195cc276df641e33ce55 Mon Sep 17 00:00:00 2001 From: Bryan Konowitz Date: Mon, 3 Sep 2018 14:41:21 -0700 Subject: [PATCH] Fixes #491 by piping algo_server_name through additional templates EC2 Name tag in the cfn stack, VPNName in client_windows.ps1 and the mobileconfig files all make use of the algo_server_name with a default of the original Algo VPN naming when the server name is left at default algo or algo.local. --- roles/cloud-ec2/files/stack.yml | 12 ++++++------ roles/cloud-ec2/tasks/cloudformation.yml | 1 - roles/vpn/templates/client_windows.ps1.j2 | 7 ++++++- roles/vpn/templates/mobileconfig.j2 | 9 +++++++-- 4 files changed, 19 insertions(+), 10 deletions(-) diff --git a/roles/cloud-ec2/files/stack.yml b/roles/cloud-ec2/files/stack.yml index 3660613b..a3810769 100644 --- a/roles/cloud-ec2/files/stack.yml +++ b/roles/cloud-ec2/files/stack.yml @@ -21,7 +21,7 @@ Resources: InstanceTenancy: default Tags: - Key: Name - Value: Algo + Value: !Ref AWS::StackName - Key: Environment Value: Algo @@ -38,7 +38,7 @@ Resources: - Key: Environment Value: Algo - Key: Name - Value: Algo + Value: !Ref AWS::StackName Subnet: Type: AWS::EC2::Subnet @@ -49,7 +49,7 @@ Resources: - Key: Environment Value: Algo - Key: Name - Value: Algo + Value: !Ref AWS::StackName VpcId: !Ref VPC VPCGatewayAttachment: @@ -66,7 +66,7 @@ Resources: - Key: Environment Value: Algo - Key: Name - Value: Algo + Value: !Ref AWS::StackName Route: Type: AWS::EC2::Route @@ -140,7 +140,7 @@ Resources: CidrIp: 0.0.0.0/0 Tags: - Key: Name - Value: Algo + Value: !Ref AWS::StackName - Key: Environment Value: Algo @@ -181,7 +181,7 @@ Resources: cfn-signal -e $? --stack ${AWS::StackName} --resource EC2Instance --region ${AWS::Region} Tags: - Key: Name - Value: Algo + Value: !Ref AWS::StackName - Key: Environment Value: Algo diff --git a/roles/cloud-ec2/tasks/cloudformation.yml b/roles/cloud-ec2/tasks/cloudformation.yml index 27977203..b996d016 100644 
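Review bot: Nothing in stack.yml records that the `Name` tag is now variable while `Environment` stays the fixed value `Algo`, so any tag-based IAM condition, cost filter or cleanup job that matched `Name=Algo` would stop matching once a custom server name is used. A comment above the first `Tags:` block would cover it, for example `# Name follows the stack name; select Algo resources by the Environment tag, which stays constant.` The same substitution is repeated in the five later hunks of this file (at lines 38, 49, 66, 140 and 181). How the stack name is built is not visible in this diff; if it is derived from `algo_server_name`, confirm there that it always satisfies CloudFormation's stack-name rules (letters, digits and hyphens), since the commit message mentions a default of `algo.local`.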
--- a/roles/cloud-ec2/tasks/cloudformation.yml +++ b/roles/cloud-ec2/tasks/cloudformation.yml @@ -1,4 +1,3 @@ ---- - name: Deploy the template cloudformation: aws_access_key: "{{ access_key }}" diff --git a/roles/vpn/templates/client_windows.ps1.j2 b/roles/vpn/templates/client_windows.ps1.j2 index 4ffce674..b8d36060 100644 --- a/roles/vpn/templates/client_windows.ps1.j2 +++ b/roles/vpn/templates/client_windows.ps1.j2 @@ -79,7 +79,12 @@ Save the embedded CA cert and encrypted user PKCS12 file. $ErrorActionPreference = "Stop" $VpnServerAddress = "{{ IP_subject_alt_name }}" -$VpnName = "Algo VPN {{ IP_subject_alt_name }} IKEv2" +{% if (algo_server_name == 'algo') or (algo_server_name == 'algo.local') %} + {% set vpn_server_name = 'Algo VPN '+IP_subject_alt_name+' IKEv2' %} +{% else %} + {% set vpn_server_name = algo_server_name+' VPN' %} +{% endif %} +$VpnName = "{{ vpn_server_name }}" $VpnUser = "{{ item.0 }}" $CaCertificateBase64 = "{{ PayloadContentCA }}" $UserPkcs12Base64 = "{{ item.1.stdout }}" diff --git a/roles/vpn/templates/mobileconfig.j2 b/roles/vpn/templates/mobileconfig.j2 index 44fbcbda..46f2abbb 100644 --- a/roles/vpn/templates/mobileconfig.j2 +++ b/roles/vpn/templates/mobileconfig.j2 @@ -1,3 +1,8 @@ +{% if (algo_server_name == 'algo') or (algo_server_name == 'algo.local') %} + {% set vpn_server_name = 'Algo VPN '+IP_subject_alt_name+' IKEv2' %} +{% else %} + {% set vpn_server_name = algo_server_name+' VPN' %} +{% endif %} @@ -129,7 +134,7 @@ 0 UserDefinedName - Algo VPN {{ IP_subject_alt_name }} IKEv2 + {{ vpn_server_name }} VPNType IKEv2 @@ -175,7 +180,7 @@ PayloadDisplayName - {{ IP_subject_alt_name }} IKEv2 + {{ vpn_server_name }} PayloadIdentifier donut.local.{{ 500000 | random | to_uuid | upper }} PayloadRemovalDisallowed
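Review bot: In the client_windows.ps1.j2 hunk, `$VpnName = "{{ vpn_server_name }}"` now places the free-form `algo_server_name` inside a double-quoted PowerShell string, where a `"`, `$` or backtick in the name is interpreted by PowerShell instead of being kept as text. The generated script is run by VPN users, so the value should be emitted as an inert literal. Before this change only `IP_subject_alt_name` reached that string. A single-quoted literal with embedded quotes doubled avoids the problem: `$VpnName = '{{ vpn_server_name | replace("'", "''") }}'`; alternatively, validate `algo_server_name` against a conservative character set where it is first read. The script continues outside the hunk, so later uses of `$VpnName` were not reviewed.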
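Review bot: In the first mobileconfig.j2 hunk, the indented `{% set %}` lines sit at the very top of the template, so their leading spaces are likely emitted before the first line of the rendered profile unless `lstrip_blocks` is enabled. If the file begins with an XML declaration (the context lines are not visible on this page), strict XML parsers reject whitespace ahead of it. Removing the indentation or using whitespace control, e.g. `{%- set vpn_server_name = algo_server_name+' VPN' %}`, keeps the output unchanged at byte 0. The same four-line `if`/`set` block is duplicated in client_windows.ps1.j2; computing `vpn_server_name` once as a role variable would keep the two clients from drifting apart.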
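Review bot: In the second and third mobileconfig.j2 hunks, `{{ vpn_server_name }}` is written into what appear to be plist string values (`UserDefinedName` and `PayloadDisplayName`) without XML escaping. A server name containing `&` or `<` would therefore produce a malformed or altered profile. Ansible templates do not autoescape, so the filter has to be explicit: `{{ vpn_server_name | e }}` in both places. Separately, for the default server name `PayloadDisplayName` changes from `{{ IP_subject_alt_name }} IKEv2` to the longer `Algo VPN … IKEv2` form, which the commit message does not mention; confirm that is intended. The surrounding element tags are not visible on this page, so the exact placement should be checked against the file.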