Commit 79138f16 authored by julian.gethmann's avatar julian.gethmann

Add VPN base configuration to clients

parent 718f0a24
client
remote 141.52.8.19
port 1194
dev tap
proto udp
auth-user-pass
nobind
comp-lzo no
tls-version-min 1.2
ca /etc/ssl/certs/ca-bundle.crt
verify-x509-name "C=DE, ST=Baden-Wuerttemberg, L=Karlsruhe, O=Karlsruhe Institute of Technology, OU=Steinbuch Centre for Computing, CN=ovpn.scc.kit.edu" subject
cipher AES-256-CBC
auth SHA384
reneg-sec 43200
verb 3
script-security 2
......@@ -3,4 +3,5 @@
tags: printer
- import_tasks: basic_software.yml
- import_tasks: kill_x.yml
- import_tasks: vpn.yml
- import_tasks: ms_fonts.yml
---
- name: install OpenVPN client
become: yes
dnf:
name: ["openvpn", "NetworkManager-openvpn"]
state: present
# - name: install network manager for ansible
# become: yes
# dnf:
# name: ["NetworkManager-glib", "libnm-qt-devel", "nm-connection-editor", "libsemanage-python", "policycoreutils-python"]
# state: present
- name: get configuration file from SCC
# https://www.scc.kit.edu/dienste/10100.php
become: yes
copy:
src: kit-vpn2vlan.ovpn
dest: /etc/kit-vpn2vlan.ovpn
backup: yes
when: ansible_distribution == "Fedora"
# unfortunately you have to install the VPN on your own using the GUI tool NetworkManager.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment