bodsch / ansible-openvpn

Ansible role to install and configure openvpn server.
Apache License 2.0

missing /etc/openvpn/easy-rsa/pki directory #8

Closed rmalenko closed 1 year ago

rmalenko commented 1 year ago
fatal: [2.com]: FAILED! => {"changed": false, "msg": "Error while linking: [Errno 2] No such file or directory: b'/etc/easy-rsa/openssl-easyrsa.cnf' -> b'/etc/easy-rsa/pki/openssl-easyrsa.cnf'", "path": "/etc/easy-rsa/pki/openssl-easyrsa.cnf"}

  roles:
    - role: ansible-openvpn # ansible-galaxy collection install --requirements-file collections.yml
      openvpn_directory: /etc/openvpn
      openvpn_diffie_hellman_keysize: 2048
      openvpn_mtu: 1500
      openvpn_mssfix: 1360
      openvpn_keepalive:
        interval: 10
        timeout: 120
      # server or client
      openvpn_type: "server"
      openvpn_service:
        state: started
        enabled: true

      openvpn_systemd:
        requires_services:
          - sshd.service

      openvpn_logging:
        directory: /var/log/openvpn
        file: openvpn.log
        status: status.log
        verbosity: 4
        mute: 10
        append: true

      openvpn_easyrsa: {}

      openvpn_certificate:
        req_country: USA
        req_province: Hamilton
        req_city: Eastvilage
        req_org: ACME Inc.
        req_email: openvpn@acme.inc
        req_ou: Special Forces
        req_cn_ca: 'Open VPN'
        req_cn_server: '{{ ansible_fqdn }}'

      openvpn_server:
        # network interface connected to internal net
        interface: eth0
        # external IP of VPN server (EIP)
        external_ip: ansible_default_ipv4.address|default(ansible_all_ipv4_addresses[0])
        # Which local IP address should OpenVPN
        # listen on? (optional)
        listen_ip: ''
        # valid: 'udp' or 'tcp'
        proto: udp
        # Which TCP/UDP port should OpenVPN listen on?
        port: 1194
        # valid: 'tun' or 'tap'
        # "tun" will create a routed IP tunnel,
        # "tap" will create an ethernet tunnel.
        device: tun
        max_clients: 10
        tls_auth:
          enabled: true
        cipher: AES-256-GCM
        user: nobody
        group: nogroup

      openvpn_persistent_pool: []

      openvpn_mobile_clients: []

      openvpn_config_save_dir: ""

      openvpn_subnet:
        ip: 10.8.3.0
        mask: 255.255.255.0

      openvpn_iptables:
        enabled: false

      openvpn_push:
        routes: []
        route_gateway: ""
        dhcp_options:
          domains: []
          dns: []
        sndbuf: 393216
        rcvbuf: 393216

  vars:
    ansible_python_interpreter: /usr/bin/python3

bodsch commented 1 year ago

Thanks, @rmalenko!

I will have a look at it.

What operating system (type and version) are you using for it?

bodsch commented 1 year ago

Hi @rmalenko!

I found out that the pki directory is not created in an Ubuntu distribution. Therefore, I assume that you are using Ubuntu.

So far this distribution has not been supported! I have created a PR that implements this support.

rmalenko commented 1 year ago

Thank you a lot!

bodsch commented 1 year ago

Please try the latest release!