add msca-openvpn role

[awsible] / roles / msca-openvpn / templates / vpc-client.conf.j2

diff --git a/roles/msca-openvpn/templates/vpc-client.conf.j2 b/roles/msca-openvpn/templates/vpc-client.conf.j2
new file mode 100644 (file)
index 0000000..e881e96
--- /dev/null
+++ b/roles/msca-openvpn/templates/vpc-client.conf.j2
@@ -0,0 +1,20 @@
+{{ ansible_managed|comment }}
+# Mode: {{ vpn_mode }}
+# Subnet: {{ vpn_subnet }}
+client
+dev tap
+<connection>
+       remote {{ vpn_server_ip }} 1194 udp
+</connection>
+resolv-retry infinite
+persist-key
+persist-tun
+nobind
+float
+mssfix
+keepalive 30 90
+daemon
+
+ca /etc/openvpn/keys/ca.{{ ca_name|lower }}.crt
+cert /etc/openvpn/keys/{{ vpc_region }}-client.{{ ca_name|lower }}.crt
+key /etc/openvpn/keys/{{ vpc_region }}-client.{{ ca_name|lower }}.key