
Add fullchain template

python3
Andrea Cimbalo 6 years ago
parent
commit
b0c90d61ba
6 changed files with 81 additions and 46 deletions
  1. +34
    -0
      files/lilik_ca_v1.pub
  2. +32
    -0
      files/lilik_ca_x1.pub
  3. +0
    -33
      files/test_vpn_ca.crt
  4. +10
    -12
      roles/openvpn/tasks/main.yaml
  5. +1
    -1
      roles/openvpn/templates/openvpn.j2
  6. +4
    -0
      templates/fullchain.j2

+ 34
- 0
files/lilik_ca_v1.pub

@ -0,0 +1,34 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----

+ 32
- 0
files/lilik_ca_x1.pub

@ -0,0 +1,32 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----

+ 0
- 33
files/test_vpn_ca.crt

@ -1,33 +0,0 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----

+ 10
- 12
roles/openvpn/tasks/main.yaml

@ -86,18 +86,16 @@
register: set_pub_key
when: not openvpn_cert_key.stat.exists
- name: copy vpn ca public key
copy:
src: lilik_ca_x1.pem
dest: /etc/openvpn/lilik_ca_x1.pem
- name: copy vpn ca public key
copy:
src: lilik_ca_v1.pem
dest: /etc/openvpn/lilik_ca_v1.pem
- name: create fullchain
command: "cat /etc/openvpn/lilik_ca_x1.pem /etc/openvpn/lilik_ca_v1.pem > /etc/openvpn/ca.crt"
- set_fact:
certificates:
- files/lilik_ca_x1.pub
- files/lilik_ca_v1.pub
- name: create vpn fullchain
template:
src: fullchain.j2
dest: /etc/openvpn/fullchain.crt
notify: reload openvpn
- name: write openvpn configuration
template:
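Review bot: The new `create vpn fullchain` task writes the server's CA bundle without pinning `owner`, `group` or `mode`, so the permissions on `/etc/openvpn/fullchain.crt` depend on the connecting user and umask. Adding `owner: root`, `group: root` and `mode: "0644"` under `template:` would make the trust-anchor file's write access explicit. The unnamed `set_fact` also leaves a generically named `certificates` fact on the host for the rest of the play; passing the list as `vars:` on the template task would scope it to that task. Hosts provisioned before this change may still carry `/etc/openvpn/ca.crt` and the `lilik_ca_*.pem` copies, and nothing in the visible lines removes them. The hunk begins and ends inside neighbouring tasks whose remaining lines are outside the view.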


+ 1
- 1
roles/openvpn/templates/openvpn.j2

@ -6,7 +6,7 @@ config openvpn 'vpn'
option dev 'tun'
option server '10.8.0.0 255.255.255.0'
option keepalive '10 120'
option ca '/etc/openvpn/ca.crt'
option ca '/etc/openvpn/fullchain.crt'
option cert '/etc/openvpn/openvpn.cert'
option key '/etc/openvpn/openvpn.key'
option dh '/etc/openvpn/dh2048.pem'
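Review bot: Pointing `option ca` at `/etc/openvpn/fullchain.crt` makes every certificate in that bundle a CA the server accepts when verifying clients, so the set of accepted issuers is now whatever `lilik_ca_x1` and `lilik_ca_v1` can sign. If, as the names suggest, one of them is a broader root that also issues non-VPN intermediates, a client certificate from a sibling CA could validate against this bundle; that is an inference from the file names and should be confirmed against the PKI layout. In that case the server config should also narrow accepted peers, for example with the UCI equivalents of OpenVPN's `remote-cert-tls client`, `verify-x509-name` or `crl-verify`. Only lines 6–12 of the template are visible, so such options may already exist outside the hunk.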


+ 4
- 0
templates/fullchain.j2

@ -0,0 +1,4 @@
{% for certificate in certificates %}
{% include certificate %}
{% endfor %}
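Review bot: `{% include certificate %}` renders each certificate file as a Jinja template instead of copying it verbatim, which can break the line boundary between certificates. Jinja strips the included file's trailing newline by default and Ansible's `trim_blocks` default removes the newline after the tag, so `-----END CERTIFICATE-----` and the next `-----BEGIN CERTIFICATE-----` can end up on one line. The page shows three of the four added lines, so a blank line inside the loop may already compensate; the rendered `/etc/openvpn/fullchain.crt` is worth checking for one certificate boundary per line. Reading the file as data avoids both issues, e.g. `{{ lookup('file', certificate) }}` on the loop body line (the paths in `certificates` may need adjusting to the lookup's search rules). A comment at the top of the template stating that `certificates` is an ordered list of PEM files would also help.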
