Libreswan based VPN System Role available
The Linux System Roles are a set of Ansible Roles, also available as an Ansible Collection, used to manage and configure common GNU/Linux operating system components. Conceptually, the intent is to provide an automation "API" for the operating system components that is consistent across multiple major and minor releases.

https://linux-system-roles.github.io/

There is now a new VPN System Role, written by Mary Provencher, that uses libreswan and can be used to configure host-to-host, net-to-net and mesh (opportunistic) VPNs using an Ansible inventory of hosts. Such an inventory for the basic host-to-host cases could look like:

    all:
      hosts:
        bastion1.example.com: {...}
        bastion2.example.com: {...}
        bastion3.example.com: {...}
      vars:
        vpn_connections:
          - hosts:
              bastion1.example.com:
              bastion2.example.com:
              bastion3.example.com:

The role will set up a VPN tunnel between each pair of hosts in the list of vpn_connections, using the default parameters, including generating keys as needed. This role assumes that the names of the hosts under hosts are the same as the names of the hosts used in the Ansible inventory, and that you can use those names to configure the tunnels (i.e. they are real FQDNs that resolve correctly).

For more information see https://github.com/linux-system-roles/vpn

_______________________________________________
Swan-announce mailing list
swan-annou...@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-announce
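A pre-flight check for the two assumptions stated in the announcement (names under vpn_connections match inventory host names, and they resolve), which also lists the host pairs that would get a tunnel. This is an added example, not code from the role or its author; `check_vpn_inventory`, `default_resolves` and the `resolves` parameter are hypothetical names, and the inventory is given as a Python dict rather than parsed from YAML.

```python
# Added example: validate a vpn_connections inventory before running the role.
import itertools
import socket


def default_resolves(name):
    """Return True if the name resolves via the system resolver."""
    try:
        socket.getaddrinfo(name, None)
        return True
    except socket.gaierror:
        return False


def check_vpn_inventory(inventory, resolves=default_resolves):
    """Return (tunnels, problems): host pairs sharing a vpn_connections entry,
    and names that break the announcement's stated assumptions."""
    group = inventory["all"]
    known = set(group.get("hosts") or {})
    tunnels, problems = set(), []
    for i, conn in enumerate(group.get("vars", {}).get("vpn_connections", [])):
        names = sorted(conn.get("hosts") or {})
        for name in names:
            if name not in known:
                problems.append(f"connection {i}: {name} is not an inventory host")
            elif not resolves(name):
                problems.append(f"connection {i}: {name} does not resolve")
        if len(names) < 2:
            problems.append(f"connection {i}: fewer than two hosts, no tunnel")
        tunnels.update(itertools.combinations(names, 2))
    return sorted(tunnels), problems


# Constructed sample: the inventory from the announcement as a Python dict,
# with the "{...}" host variables shown as empty dicts.
SAMPLE = {"all": {
    "hosts": {"bastion1.example.com": {}, "bastion2.example.com": {},
              "bastion3.example.com": {}},
    "vars": {"vpn_connections": [{"hosts": {
        "bastion1.example.com": None, "bastion2.example.com": None,
        "bastion3.example.com": None}}]},
}}

if __name__ == "__main__":
    print(check_vpn_inventory(SAMPLE))
```

Pass a custom `resolves` callable to test against a specific resolver or to run the check offline.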