78 lines
1.8 KiB
YAML
78 lines
1.8 KiB
YAML
- name: ensure protonvpn ca certificate is installed
|
|
copy:
|
|
src: ProtonVPN_ike_root.pem
|
|
dest: /etc/strongswan/swanctl/x509ca/
|
|
mode: '0644'
|
|
notify: reload strongswan config
|
|
tags:
|
|
- strongswan-cacert
|
|
|
|
- name: ensure protonvpn configuration is set
|
|
template:
|
|
src: protonvpn.conf.j2
|
|
dest: /etc/strongswan/swanctl/conf.d/protonvpn.conf
|
|
mode: '0640'
|
|
notify: reload strongswan config
|
|
tags:
|
|
- strongswan-config
|
|
- protonvpn-config
|
|
- name: ensure protonvpn state directory exists
|
|
file:
|
|
path: /var/lib/protonvpn
|
|
mode: u=rwx,go=rx
|
|
owner: root
|
|
group: root
|
|
state: directory
|
|
tags:
|
|
- strongswan-config
|
|
- protonvpn-config
|
|
- name: ensure protonvpn remote address is configured
|
|
copy:
|
|
dest: /var/lib/protonvpn/remote_addrs
|
|
mode: '0640'
|
|
content: >
|
|
remote_addrs = {{ protonvpn_server }}
|
|
force: false
|
|
notify: reload strongswan config
|
|
tags:
|
|
- strongswan-config
|
|
- protonvpn-config
|
|
|
|
- name: ensure protonvpn-watchdog dependencies are installed
|
|
package:
|
|
name: python3-httpx
|
|
state: present
|
|
tags:
|
|
- install
|
|
- name: ensure protonvpn-watchdog script is installed
|
|
copy:
|
|
src: protonvpn-watchdog.py
|
|
dest: /usr/local/bin/protonvpn-watchdog
|
|
mode: '0755'
|
|
notify: restart protonvpn-watchdog
|
|
tags:
|
|
- protonvpn-watchdog
|
|
- name: ensure protonvpn-watchdog systemd unit is installed
|
|
copy:
|
|
src: protonvpn-watchdog.service
|
|
dest: /etc/systemd/system/protonvpn-watchdog.service
|
|
mode: '0644'
|
|
notify:
|
|
- reload systemd
|
|
- restart protonvpn-watchdog
|
|
tags:
|
|
- protonvpn-watchdog
|
|
- systemd
|
|
- name: ensure protonvpn-watchdog service is enabled
|
|
service:
|
|
name: protonvpn-watchdog
|
|
enabled: true
|
|
tags:
|
|
- service
|
|
- name: ensure protonvpn-watchdog service is running
|
|
service:
|
|
name: protonvpn-watchdog
|
|
state: started
|
|
tags:
|
|
- service
|