Add SECRET_HOST VPN configuration.

2024-10-06 16:40:52 +02:00 · 2024-10-06 16:40:52 +02:00 · 4aba1972dd
commit 4aba1972dd
parent 58ec4f8d4b
1 changed files with 33 additions and 0 deletions
--- a/roles/role_deploy_temp_openvpn-server/tasks/main.yml
+++ b/roles/role_deploy_temp_openvpn-server/tasks/main.yml
@ -42,6 +42,39 @@
    temp_p2p_shared_key: "{{ openvpn_genkey_result.stdout }}"
  when: not temp_p2p_shared_key.stat.exists

+- name: Register key file
+  command: cat /usr/local/docker-mounted-files/temp-openvpn-server/temp-p2p-shared.key
+  register: temp_p2p_shared_key_content
+  changed_when: false
+  become: true
+
+- name: Template key file on SECRET_HOST
+  ansible.builtin.template:
+    src: "{{ item }}.j2"
+    dest: "/mnt/data/dossier_de_travail/local_repositories/docker-vpn-client-temp-ovh2-stack/{{ item }}"
+    mode: '0755'
+    seuser: system_u
+    serole: object_r
+    setype: container_file_t
+  become: true
+  register: temp_p2p_shared_key_deployment
+  with_items:
+    - temp-p2p-shared.key
+  vars:
+    temp_p2p_shared_key: "{{ temp_p2p_shared_key_content.stdout }}"
+    ansible_ssh_port: "{{ SECRET_SSH_PORT }}"
+  remote_user: "{{ LINUX_USERNAME }}"
+  delegate_to: "{{ SECRET_HOST }}"
+
+- name: Restart VPN container on SECRET_HOST
+  command: docker restart dockervpnclienttempovh2stack_vpn-client-temp_1
+  become: true
+  vars:
+    ansible_ssh_port: "{{ SECRET_SSH_PORT }}"
+  remote_user: "{{ LINUX_USERNAME }}"
+  delegate_to: "{{ SECRET_HOST }}"
+  when: temp_p2p_shared_key_deployment is changed
+
 - name: Create temp-openvpn-server container
  containers.podman.podman_container:
    name: temp-openvpn-server