https://github.com/stackhpc/ansible-role-openvpn

OpenVPN tunnel / mesh role for federated Cluster-as-a-Service
https://github.com/stackhpc/ansible-role-openvpn

Last synced: 4 days ago
JSON representation

OpenVPN tunnel / mesh role for federated Cluster-as-a-Service

• Host: GitHub
• URL: https://github.com/stackhpc/ansible-role-openvpn
• Owner: stackhpc
• License: apache-2.0
• Created: 2019-03-12T16:53:32.000Z (about 7 years ago)
• Default Branch: master
• Last Pushed: 2023-10-30T14:00:14.000Z (over 2 years ago)
• Last Synced: 2024-04-14T22:50:17.419Z (about 2 years ago)
• Language: Jinja
• Homepage:
• Size: 32.2 KB
• Stars: 2
• Watchers: 10
• Forks: 2
• Open Issues: 4
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

          
OpenVPN Servers and Clients

===========================

For a list of VPN servers and clients, install OpenVPN and Easy-RSA

packages and generate server and client configurations for OpenVPN

tunnels.  Bring the VPN connections up.

In this role, we follow a model in which all clients initiate tunnel

connections to all servers, building what could be a mesh of

point-to-point VPN connections.

Requirements

------------

For access to OpenVPN and Easy-RSA packages, this role will install

the EPEL repo, if it is not already present.

The hosts in the play must be able to communicate with one another

via TCP/IP or UDP/IP.

Role Variables

--------------

`openvpn_servers`: List of inventory hostnames of the OpenVPN servers.

`openvpn_clients`: List of hostnames of clients.

`openvpn_tunnel_cidr`: OpenVPN tunnel network subnet.  The OpenVPN servers

  will create sub-subnets from this range.  The OpenVPN servers each take

  the first IP address of their allocated subnet.

  The default value is `10.8.0.0/24`

`openvpn_server_proto`: Establish the connection using TCP or UDP.

  The default value is `tcp`

`openvpn_server_port`: The TCP or UDP port for communication with the

  OpenVPN server.

  The default value is `1194`

`openvpn_intra_if`: If the internal network to propagate is not the default

  gateway, it can be defined using its network interface name instead.

Dependencies

------------

None.

Example Playbook

----------------

The following playbook creates VPN tunnels between a server and

some client hosts.

    ---

    # This playbook synchronises timekeeping and establishes an OpenVPN

    # tunnel between a VPN server and a number of clients.

    - hosts:

        - openvpn-servers

        - openvpn-clients

      become: yes

      roles:

        - role: stackhpc.openvpn

          openvpn_servers: "{{ groups['openvpn-servers'] }}"

          openvpn_clients: "{{ groups['openvpn-clients'] }}"

          openvpn_server_proto: "udp"

    ...

Author Information

------------------

- Stig Telfer ()

- Bharat Kunwar ()