Kaynağa Gözat

Merge branch 'openvpn-bug-fixes' of github.com:alexec/sovereign

Thomas Buck 6 yıl önce
ebeveyn
işleme
4d674b5f9a

+ 3
- 2
roles/vpn/tasks/openvpn.yml Dosyayı Görüntüle

@@ -168,10 +168,11 @@
168 168
 
169 169
 - name: Retrieve the files that clients will need in order to connect to the OpenVPN server
170 170
   fetch: src={{ openvpn_path }}/{{ item[0] }}/{{ item[1] }}
171
-         dest=/tmp/sovereign-openvpn-files
171
+         dest=/tmp/sovereign-openvpn-files fail_on_missing=yes
172 172
   with_nested:
173 173
     - "{{ openvpn_clients }}"
174 174
     - ["client.crt", "client.key", "ca.crt", "ta.key", "{{ openvpn_server }}.ovpn"]
175 175
 
176
-- pause: seconds=5
176
+- name: Pause 5s seconds for OpenVPN ready
177
+  pause: seconds=5
177 178
          prompt="You are ready to set up your OpenVPN clients. The files that you need are in /tmp/sovereign-openvpn-files. Make sure LZO compression is enabled and that you provide the ta.key file for the TLS-Auth option with a direction of '1'. Press any key to continue..."

+ 2
- 2
roles/vpn/templates/etc_openvpn_server.conf.j2 Dosyayı Görüntüle

@@ -187,7 +187,7 @@ ifconfig-pool-persist ipp.txt
187 187
 # (The OpenVPN server machine may need to NAT
188 188
 # or bridge the TUN/TAP interface to the internet
189 189
 # in order for this to work properly).
190
-push "redirect-gateway def1"
190
+push "redirect-gateway def1 bypass-dhcp"
191 191
 push "dhcp-option DNS 10.8.0.1"
192 192
 
193 193
 # Certain Windows-specific network settings
@@ -278,7 +278,7 @@ persist-tun
278 278
 # Output a short status file showing
279 279
 # current connections, truncated
280 280
 # and rewritten every minute.
281
-status openvpn-status.log
281
+;status openvpn-status.log
282 282
 
283 283
 # By default, log messages will go to the syslog (or
284 284
 # on Windows, if running as a service, they will go to

Loading…
İptal
Kaydet