| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 |
- ---
- - name: Ensure permission on OpenVPN directory
- become: true
- file:
- path: /etc/stunnel
- state: directory
- mode: 0700
- owner: stunnel4
- group: stunnel4
- - name: Install stunnel configuration
- become: true
- template:
- src: templates/config.j2
- dest: "/etc/stunnel/{{ item.name }}.conf"
- mode: 0600
- owner: stunnel4
- group: stunnel4
- loop: "{{ stunnel | flatten(levels=1) }}"
- - name: Install local keys
- become: true
- copy:
- content: "{{ item.key }}"
- dest: "/etc/stunnel/{{ item.name }}.pem"
- mode: 0600
- owner: stunnel4
- group: stunnel4
- loop: "{{ stunnel | flatten(levels=1) }}"
- - name: Install local certificates
- become: true
- copy:
- content: "{{ item.certificate }}"
- dest: "/etc/stunnel/{{ item.name }}.crt"
- mode: 0600
- owner: stunnel4
- group: stunnel4
- loop: "{{ stunnel | flatten(levels=1) }}"
- - name: Install local remote
- become: true
- copy:
- content: "{{ item.remote_certificate }}"
- dest: "/etc/stunnel/{{ item.name }}_remote.crt"
- mode: 0600
- owner: stunnel4
- group: stunnel4
- loop: "{{ stunnel | flatten(levels=1) }}"
- - name: Enable autostart
- become: true
- systemd:
- name: "stunnel@{{ item.name }}"
- masked: false
- enabled: true
- when: item.autostart
- loop: "{{ stunnel | flatten(levels=1) }}"
- - name: Disable autostart
- become: true
- systemd:
- name: "stunnel@{{ item.name }}"
- masked: false
- enabled: false
- when: not item.autostart
- loop: "{{ stunnel | flatten(levels=1) }}"
|
