
Use gathered facts to determine the correct network interface in the

OpenVPN role
Joshua Lund 11 anni fa
parent
commit
fac6ceb3a9
2 ha cambiato i file con 3 aggiunte e 3 eliminazioni
  1. 2
    2
      roles/vpn/tasks/openvpn.yml
  2. 1
    1
      roles/vpn/templates/etc_rc.local

+ 2
- 2
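--- a/roles/vpn/tasks/openvpn.yml
+++ b/roles/vpn/tasks/openvpn.yml
@@ -93,7 +93,7 @@
            creates={{ openvpn_dhparam }}
 
 - name: Copy rc.local with firewall and dnsmasq rules into place
-  copy: src=etc_rc.local dest=/etc/rc.local
+  template: src=etc_rc.local dest=/etc/rc.local
 
 - name: Enable IPv4 traffic forwarding
   sysctl: name=net.ipv4.ip_forward value=1
@@ -104,7 +104,7 @@
     - iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
     - iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
     - iptables -A FORWARD -j REJECT
-    - iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
+    - iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o {{ ansible_default_ipv4.interface }} -j MASQUERADE
 
 - name: Copy OpenVPN configuration file into place
   template: src=etc_openvpn_server.conf.j2 dest=/etc/openvpn/server.conf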
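Review bot: The `template` task at new line 96 writes /etc/rc.local without pinning ownership or permissions, although that file is run as root at boot and carries the forwarding and NAT rules. Whether it ends up executable and writable only by root then depends on what was already on the host; I would make it explicit with `template: src=etc_rc.local dest=/etc/rc.local owner=root group=root mode=0755`. Separately, the item at new line 107 now needs gathered facts and a default IPv4 route for `ansible_default_ipv4.interface` to resolve. The task that owns that list starts outside the hunk, so I cannot see whether anything guards it.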

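--- a/roles/vpn/files/etc_rc.local
+++ b/roles/vpn/templates/etc_rc.local
@@ -13,7 +13,7 @@
 iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
 iptables -A FORWARD -j REJECT
-iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
+iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o {{ ansible_default_ipv4.interface }} -j MASQUERADE
 
 /etc/init.d/dnsmasq restart
 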
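Review bot: The MASQUERADE line at new line 16 is rendered once at deploy time, so the interface name in /etc/rc.local is whatever held the default IPv4 route when the playbook ran, and nothing in the file says so. If the default route later moves to another interface, the rule presumably stops matching at boot without any error. I would add a comment above it such as `# Egress interface filled in by Ansible (ansible_default_ipv4.interface) at deploy time; re-run the role if the default route changes`. The file is now a Jinja2 template but keeps its plain name, while the other template referenced in openvpn.yml is `etc_openvpn_server.conf.j2`; naming it `etc_rc.local.j2` would match. The script begins above line 13, outside this hunk.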
