trailofbits / algo

Set up a personal VPN in the cloud
https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/
GNU Affero General Public License v3.0

IKE authentication credentials are unacceptable #1426

Closed ethindp closed 5 years ago

ethindp commented 5 years ago

Describe the bug

I cannot connect to my VPN and get the error "IKE authentication credentials are unacceptable".

To Reproduce

Steps to reproduce the behavior:

  1. Create configuration as normal, but change the base image for DigitalOcean to Ubuntu 19.04-x64.
  2. Run ./algo
  3. Follow all prompts and select "DigitalOcean" as the provider.
  4. SSH in and try to start ipsec. It won't start.
  5. Run getcap on /usr/lib/ipsec/charon. You will see it has no capabilities.
  6. Run setcap cap_net_admin+ep /usr/lib/ipsec/charon. Then try to start it. It still won't start.
  7. Edit /etc/strongswan.conf and comment out the user and group. Then it will happily start.
  8. Try to connect a Windows 10 client to the VPN. The error "IKE authentication credentials are unacceptable" appears.

Expected behavior

I didn't expect to have to comment out the user and group drops, nor did I expect this error. I thought I could just alter the base image to 19.04, run ./algo and boom. But nope.

Additional context

This was done from an Arch Linux machine, with the git master branch (git clone).

Full log

PLAY [localhost] *******************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************
ok: [localhost]

TASK [Verify Ansible meets Drupal VM's version requirements.] **********************************************************
ok: [localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

PLAY [Ask user for the input] ******************************************************************************************

TASK [Gathering Facts] *************************************************************************************************
ok: [localhost]
[Cloud prompt]
What provider would you like to use?
    1. DigitalOcean
    2. Amazon Lightsail
    3. Amazon EC2
    4. Vultr
    5. Microsoft Azure
    6. Google Compute Engine
    7. Scaleway
    8. OpenStack (DreamCompute optimised)
    9. Install to existing Ubuntu 18.04 server (Advanced)

Enter the number of your desired provider
:

TASK [Cloud prompt] ****************************************************************************************************
ok: [localhost]

TASK [Set facts based on the input] ************************************************************************************
ok: [localhost]
[VPN server name prompt]
Name the vpn server
[algo]
:

TASK [VPN server name prompt] ******************************************************************************************
ok: [localhost]
[Cellular On Demand prompt]
Do you want macOS/iOS IPsec clients to enable "Connect On Demand" when connected to cellular networks?
[y/N]
:

TASK [Cellular On Demand prompt] ***************************************************************************************
ok: [localhost]
[Wi-Fi On Demand prompt]
Do you want macOS/iOS IPsec clients to enable "Connect On Demand" when connected to Wi-Fi?
[y/N]
:

TASK [Wi-Fi On Demand prompt] ******************************************************************************************
ok: [localhost]
[Trusted Wi-Fi networks prompt]
List the names of any trusted Wi-Fi networks where macOS/iOS IPsec clients should not use "Connect On Demand"
(e.g., your home network. Comma-separated value, e.g., HomeNet,OfficeWifi,AlgoWiFi)
:

TASK [Trusted Wi-Fi networks prompt] ***********************************************************************************
ok: [localhost]
[Compatible ciphers prompt]
Do you want the VPN to support Windows 10 or Linux Desktop clients? (enables compatible ciphers and key exchange, less secure)
[y/N]
:

TASK [Compatible ciphers prompt] ***************************************************************************************
ok: [localhost]
[Retain the CA key prompt]
Do you want to retain the CA key? (required to add users in the future, but less secure)
[y/N]
:

TASK [Retain the CA key prompt] ****************************************************************************************
ok: [localhost]
[DNS adblocking prompt]
Do you want to install an ad blocking DNS resolver on this VPN server?
[y/N]
:

TASK [DNS adblocking prompt] *******************************************************************************************
ok: [localhost]
[SSH tunneling prompt]
Do you want each user to have their own account for SSH tunneling?
[y/N]
:

TASK [SSH tunneling prompt] ********************************************************************************************
ok: [localhost]

TASK [Set facts based on the input] ************************************************************************************
ok: [localhost]

PLAY [Provision the server] ********************************************************************************************

TASK [Gathering Facts] *************************************************************************************************
ok: [localhost]

--> Please include the following block of text when reporting issues:

Algo running on: Arch Linux (Virtualized: kvm)
Created from git fork. Last commit: 6b33d09 Scaleway modules (#1410)
Python 2.7.16
Runtime variables:
    algo_provider "digitalocean"
    algo_ondemand_cellular "True"
    algo_ondemand_wifi "True"
    algo_ondemand_wifi_exclude "X251bGw="
    algo_windows "True"
    algo_local_dns "True"
    algo_ssh_tunneling "True"
    wireguard_enabled "True"
    dns_encryption "True"

TASK [Display the invocation environment] ******************************************************************************
changed: [localhost -> localhost]

TASK [Install the requirements] ****************************************************************************************
changed: [localhost -> localhost]

TASK [Generate the SSH private key] ************************************************************************************
changed: [localhost]

TASK [Generate the SSH public key] *************************************************************************************
changed: [localhost]

TASK [cloud-digitalocean : Install requirements] ***********************************************************************
changed: [localhost]
[cloud-digitalocean : pause]
Enter your API token. The token must have read and write permissions (https://cloud.digitalocean.com/settings/api/tokens):
 (output is hidden):

TASK [cloud-digitalocean : pause] **************************************************************************************
ok: [localhost]

TASK [cloud-digitalocean : Set the token as a fact] ********************************************************************
ok: [localhost]

TASK [cloud-digitalocean : Get regions] ********************************************************************************
ok: [localhost]

TASK [cloud-digitalocean : Set facts about thre regions] ***************************************************************
ok: [localhost]

TASK [cloud-digitalocean : Set default region] *************************************************************************
ok: [localhost]
[cloud-digitalocean : pause]
What region should the server be located in?
    1. ams3     Amsterdam 3
    2. blr1     Bangalore 1
    3. fra1     Frankfurt 1
    4. lon1     London 1
    5. nyc1     New York 1
    6. nyc3     New York 3
    7. sfo2     San Francisco 2
    8. sgp1     Singapore 1
    9. tor1     Toronto 1

Enter the number of your desired region
[6]
:

TASK [cloud-digitalocean : pause] **************************************************************************************
ok: [localhost]

TASK [cloud-digitalocean : Set additional facts] ***********************************************************************
ok: [localhost]

TASK [cloud-digitalocean : Delete the existing Algo SSH keys] **********************************************************
ok: [localhost]

TASK [cloud-digitalocean : Upload the SSH key] *************************************************************************
changed: [localhost]

TASK [cloud-digitalocean : Creating a droplet...] **********************************************************************
changed: [localhost]

TASK [cloud-digitalocean : set_fact] ***********************************************************************************
ok: [localhost]

TASK [cloud-digitalocean : Tag the droplet] ****************************************************************************
changed: [localhost]
FAILED - RETRYING: Delete the new Algo SSH key (10 retries left).

TASK [cloud-digitalocean : Delete the new Algo SSH key] ****************************************************************
ok: [localhost]

TASK [Set subjectAltName as afact] *************************************************************************************
ok: [localhost]

TASK [Add the server to an inventory group] ****************************************************************************
changed: [localhost]

TASK [Additional variables for the server] *****************************************************************************
changed: [localhost]

TASK [Wait until SSH becomes ready...] *********************************************************************************
ok: [localhost]

TASK [debug] ***********************************************************************************************************
ok: [localhost] => {
    "IP_subject_alt_name": "68.183.204.38"
}
Pausing for 20 seconds
(ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort)

TASK [A short pause, in order to be sure the instance is ready] ********************************************************
ok: [localhost]

PLAY [Configure the server and install required software] **************************************************************

TASK [common : Check the system] ***************************************************************************************
ok: [68.183.204.38]
included: /home/ethin/algo/roles/common/tasks/ubuntu.yml for 68.183.204.38

TASK [common : Gather facts] *******************************************************************************************
ok: [68.183.204.38]

TASK [common : Install software updates] *******************************************************************************
changed: [68.183.204.38]

TASK [common : Check if reboot is required] ****************************************************************************
changed: [68.183.204.38]

TASK [common : Install unattended-upgrades] ****************************************************************************
ok: [68.183.204.38]

TASK [common : Configure unattended-upgrades] **************************************************************************
changed: [68.183.204.38]

TASK [common : Periodic upgrades configured] ***************************************************************************
changed: [68.183.204.38]

TASK [common : Unattended reboots configured] **************************************************************************
changed: [68.183.204.38]

TASK [common : Disable MOTD on login and SSHD] *************************************************************************
changed: [68.183.204.38] => (item={u'regexp': u'^session.*optional.*pam_motd.so.*', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/login'})
changed: [68.183.204.38] => (item={u'regexp': u'^session.*optional.*pam_motd.so.*', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/sshd'})

TASK [common : Loopback for services configured] ***********************************************************************
changed: [68.183.204.38]

TASK [common : systemd services enabled and started] *******************************************************************
ok: [68.183.204.38] => (item=systemd-networkd)
ok: [68.183.204.38] => (item=systemd-resolved)

RUNNING HANDLER [common : restart systemd-networkd] ********************************************************************
changed: [68.183.204.38]

TASK [common : Check apparmor support] *********************************************************************************
ok: [68.183.204.38]

TASK [common : Set fact if apparmor enabled] ***************************************************************************
ok: [68.183.204.38]

TASK [common : Generate password for the CA key] ***********************************************************************
changed: [68.183.204.38 -> localhost]

TASK [common : Generate p12 export password] ***************************************************************************
changed: [68.183.204.38 -> localhost]

TASK [common : Define facts] *******************************************************************************************
ok: [68.183.204.38]

TASK [common : Set facts] **********************************************************************************************
ok: [68.183.204.38]

TASK [common : Set IPv6 support as a fact] *****************************************************************************
ok: [68.183.204.38]

TASK [common : Check size of MTU] **************************************************************************************
ok: [68.183.204.38]

TASK [common : Set OS specific facts] **********************************************************************************
ok: [68.183.204.38]

TASK [common : Install tools] ******************************************************************************************
changed: [68.183.204.38]

TASK [common : Install headers] ****************************************************************************************
ok: [68.183.204.38]
included: /home/ethin/algo/roles/common/tasks/iptables.yml for 68.183.204.38

TASK [common : Iptables configured] ************************************************************************************
changed: [68.183.204.38] => (item={u'dest': u'/etc/iptables/rules.v4', u'src': u'rules.v4.j2'})

TASK [common : Iptables configured] ************************************************************************************
changed: [68.183.204.38] => (item={u'dest': u'/etc/iptables/rules.v6', u'src': u'rules.v6.j2'})

TASK [common : Sysctl tuning] ******************************************************************************************
changed: [68.183.204.38] => (item={u'item': u'net.ipv4.ip_forward', u'value': 1})
changed: [68.183.204.38] => (item={u'item': u'net.ipv4.conf.all.forwarding', u'value': 1})
changed: [68.183.204.38] => (item={u'item': u'net.ipv6.conf.all.forwarding', u'value': 1})

RUNNING HANDLER [common : restart iptables] ****************************************************************************
changed: [68.183.204.38]
included: /home/ethin/algo/roles/dns_encryption/tasks/ubuntu.yml for 68.183.204.38

TASK [dns_encryption : Add the repository] *****************************************************************************
changed: [68.183.204.38]

TASK [dns_encryption : Install dnscrypt-proxy] *************************************************************************
changed: [68.183.204.38]

TASK [dns_encryption : Configure unattended-upgrades] ******************************************************************
changed: [68.183.204.38]

TASK [dns_encryption : Ubuntu | Unbound profile for apparmor configured] ***********************************************
changed: [68.183.204.38]

TASK [dns_encryption : Ubuntu | Enforce the dnscrypt-proxy AppArmor policy] ********************************************
ok: [68.183.204.38]

TASK [dns_encryption : Ubuntu | Ensure that the dnscrypt-proxy service directory exist] ********************************
changed: [68.183.204.38]

TASK [dns_encryption : Ubuntu | Add custom requirements to successfully start the unit] ********************************
changed: [68.183.204.38]

TASK [dns_encryption : dnscrypt-proxy ip-blacklist configured] *********************************************************
changed: [68.183.204.38]

TASK [dns_encryption : dnscrypt-proxy configured] **********************************************************************
changed: [68.183.204.38]

TASK [dns_encryption : dnscrypt-proxy enabled and started] *************************************************************
ok: [68.183.204.38]
 [WARNING]: flush_handlers task does not support when conditional

RUNNING HANDLER [dns_encryption : restart dnscrypt-proxy] **************************************************************
changed: [68.183.204.38]

TASK [dns_adblocking : Dnsmasq installed] ******************************************************************************
changed: [68.183.204.38]

TASK [dns_adblocking : The dnsmasq directory created] ******************************************************************
changed: [68.183.204.38]
included: /home/ethin/algo/roles/dns_adblocking/tasks/ubuntu.yml for 68.183.204.38

TASK [dns_adblocking : Ubuntu | Dnsmasq profile for apparmor configured] ***********************************************
changed: [68.183.204.38]

TASK [dns_adblocking : Ubuntu | Enforce the dnsmasq AppArmor policy] ***************************************************
changed: [68.183.204.38]

TASK [dns_adblocking : Ubuntu | Ensure that the dnsmasq service directory exist] ***************************************
changed: [68.183.204.38]

TASK [dns_adblocking : Ubuntu | Setup the cgroup limitations for the ipsec daemon] *************************************
changed: [68.183.204.38]

TASK [dns_adblocking : Dnsmasq configured] *****************************************************************************
changed: [68.183.204.38]

TASK [dns_adblocking : Adblock script created] *************************************************************************
changed: [68.183.204.38]

TASK [dns_adblocking : Adblock script added to cron] *******************************************************************
changed: [68.183.204.38]

TASK [dns_adblocking : Update adblock hosts] ***************************************************************************
ok: [68.183.204.38]

RUNNING HANDLER [dns_adblocking : restart dnsmasq] *********************************************************************
changed: [68.183.204.38]

RUNNING HANDLER [dns_adblocking : daemon-reload] ***********************************************************************
ok: [68.183.204.38]

TASK [dns_adblocking : Dnsmasq enabled and started] ********************************************************************
ok: [68.183.204.38]

TASK [wireguard : Ensure the required directories exist] ***************************************************************
changed: [68.183.204.38 -> localhost] => (item=private)
changed: [68.183.204.38 -> localhost] => (item=public)
included: /home/ethin/algo/roles/wireguard/tasks/ubuntu.yml for 68.183.204.38

TASK [wireguard : WireGuard repository configured] *********************************************************************
changed: [68.183.204.38]

TASK [wireguard : WireGuard installed] *********************************************************************************
changed: [68.183.204.38]

TASK [wireguard : WireGuard reload-module-on-update] *******************************************************************
changed: [68.183.204.38]

TASK [wireguard : Configure unattended-upgrades] ***********************************************************************
changed: [68.183.204.38]

TASK [wireguard : Set OS specific facts] *******************************************************************************
ok: [68.183.204.38]

TASK [wireguard : Generate private keys] *******************************************************************************
changed: [68.183.204.38] => (item=ethin)
changed: [68.183.204.38] => (item=garrett)
changed: [68.183.204.38] => (item=jake)
changed: [68.183.204.38] => (item=devin)
changed: [68.183.204.38] => (item=68.183.204.38)

TASK [wireguard : Save private keys] ***********************************************************************************
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38]

TASK [wireguard : Touch the lock file] *********************************************************************************
changed: [68.183.204.38] => (item=ethin)
changed: [68.183.204.38] => (item=garrett)
changed: [68.183.204.38] => (item=jake)
changed: [68.183.204.38] => (item=devin)
changed: [68.183.204.38] => (item=68.183.204.38)

TASK [wireguard : Generate public keys] ********************************************************************************
ok: [68.183.204.38] => (item=ethin)
ok: [68.183.204.38] => (item=garrett)
ok: [68.183.204.38] => (item=jake)
ok: [68.183.204.38] => (item=devin)
ok: [68.183.204.38] => (item=68.183.204.38)

TASK [wireguard : Save public keys] ************************************************************************************
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38]

TASK [wireguard : WireGuard user list updated] *************************************************************************
changed: [68.183.204.38 -> localhost] => (item=ethin)
changed: [68.183.204.38 -> localhost] => (item=garrett)
changed: [68.183.204.38 -> localhost] => (item=jake)
changed: [68.183.204.38 -> localhost] => (item=devin)

TASK [wireguard : set_fact] ********************************************************************************************
ok: [68.183.204.38 -> localhost]

TASK [wireguard : WireGuard users config generated] ********************************************************************
changed: [68.183.204.38 -> localhost] => (item=[0, u'ethin'])
changed: [68.183.204.38 -> localhost] => (item=[1, u'garrett'])
changed: [68.183.204.38 -> localhost] => (item=[2, u'jake'])
changed: [68.183.204.38 -> localhost] => (item=[3, u'devin'])

TASK [wireguard : Generate QR codes] ***********************************************************************************
ok: [68.183.204.38 -> localhost] => (item=[0, u'ethin'])
ok: [68.183.204.38 -> localhost] => (item=[1, u'garrett'])
ok: [68.183.204.38 -> localhost] => (item=[2, u'jake'])
ok: [68.183.204.38 -> localhost] => (item=[3, u'devin'])

TASK [wireguard : WireGuard configured] ********************************************************************************
changed: [68.183.204.38]

TASK [wireguard : WireGuard enabled and started] ***********************************************************************
changed: [68.183.204.38]

RUNNING HANDLER [wireguard : restart wireguard] ************************************************************************
changed: [68.183.204.38]
included: /home/ethin/algo/roles/strongswan/tasks/ubuntu.yml for 68.183.204.38

TASK [strongswan : Set OS specific facts] ******************************************************************************
ok: [68.183.204.38]

TASK [strongswan : Ubuntu | Install strongSwan] ************************************************************************
changed: [68.183.204.38]

TASK [strongswan : Ubuntu | Enforcing ipsec with apparmor] *************************************************************
ok: [68.183.204.38] => (item=/usr/lib/ipsec/charon)
ok: [68.183.204.38] => (item=/usr/lib/ipsec/lookip)
ok: [68.183.204.38] => (item=/usr/lib/ipsec/stroke)

TASK [strongswan : Ubuntu | Enable services] ***************************************************************************
ok: [68.183.204.38] => (item=apparmor)
ok: [68.183.204.38] => (item=strongswan)
ok: [68.183.204.38] => (item=netfilter-persistent)

TASK [strongswan : Ubuntu | Ensure that the strongswan service directory exist] ****************************************
changed: [68.183.204.38]

TASK [strongswan : Ubuntu | Setup the cgroup limitations for the ipsec daemon] *****************************************
changed: [68.183.204.38]

TASK [strongswan : Ensure that the strongswan user exist] **************************************************************
ok: [68.183.204.38]

TASK [strongswan : Install strongSwan] *********************************************************************************
ok: [68.183.204.38]

TASK [strongswan : Setup the config files from our templates] **********************************************************
changed: [68.183.204.38] => (item={u'dest': u'strongswan.conf', u'src': u'strongswan.conf.j2', u'group': u'root', u'mode': u'0644', u'owner': u'root'})
changed: [68.183.204.38] => (item={u'dest': u'ipsec.conf', u'src': u'ipsec.conf.j2', u'group': u'root', u'mode': u'0644', u'owner': u'root'})
changed: [68.183.204.38] => (item={u'dest': u'ipsec.secrets', u'src': u'ipsec.secrets.j2', u'group': u'root', u'mode': u'0600', u'owner': u'strongswan'})
changed: [68.183.204.38] => (item={u'dest': u'strongswan.d/charon.conf', u'src': u'charon.conf.j2', u'group': u'root', u'mode': u'0644', u'owner': u'root'})

TASK [strongswan : Get loaded plugins] *********************************************************************************
ok: [68.183.204.38]

TASK [strongswan : Disable unneeded plugins] ***************************************************************************
changed: [68.183.204.38] => (item=mgf1)
changed: [68.183.204.38] => (item=counters)
changed: [68.183.204.38] => (item=attr)
changed: [68.183.204.38] => (item=bypass-lan)
changed: [68.183.204.38] => (item=agent)
changed: [68.183.204.38] => (item=xauth-generic)
changed: [68.183.204.38] => (item=dnskey)
changed: [68.183.204.38] => (item=updown)
changed: [68.183.204.38] => (item=rc2)
changed: [68.183.204.38] => (item=md5)
changed: [68.183.204.38] => (item=connmark)
changed: [68.183.204.38] => (item=eap-mschapv2)
changed: [68.183.204.38] => (item=sshkey)
changed: [68.183.204.38] => (item=pkcs1)
changed: [68.183.204.38] => (item=gmp)
changed: [68.183.204.38] => (item=md4)
changed: [68.183.204.38] => (item=aesni)
changed: [68.183.204.38] => (item=sha1)
changed: [68.183.204.38] => (item=xcbc)
changed: [68.183.204.38] => (item=resolve)
changed: [68.183.204.38] => (item=fips-prf)
changed: [68.183.204.38] => (item=constraints)

TASK [strongswan : Ensure that required plugins are enabled] ***********************************************************
changed: [68.183.204.38] => (item=stroke)
changed: [68.183.204.38] => (item=openssl)
changed: [68.183.204.38] => (item=gcm)
changed: [68.183.204.38] => (item=pubkey)
changed: [68.183.204.38] => (item=pgp)
changed: [68.183.204.38] => (item=pkcs12)
changed: [68.183.204.38] => (item=nonce)
changed: [68.183.204.38] => (item=socket-default)
changed: [68.183.204.38] => (item=sha2)
changed: [68.183.204.38] => (item=random)
changed: [68.183.204.38] => (item=pem)
changed: [68.183.204.38] => (item=x509)
changed: [68.183.204.38] => (item=pkcs8)
changed: [68.183.204.38] => (item=hmac)
changed: [68.183.204.38] => (item=kernel-netlink)
changed: [68.183.204.38] => (item=aes)
changed: [68.183.204.38] => (item=pkcs7)
changed: [68.183.204.38] => (item=revocation)

TASK [strongswan : Set subjectAltName as a fact] ***********************************************************************
ok: [68.183.204.38 -> localhost]

TASK [strongswan : debug] **********************************************************************************************
ok: [68.183.204.38 -> localhost] => {
    "subjectAltName": "IP:68.183.204.38,IP:2604:a880:cad:d0::c8b:a001"
}

TASK [strongswan : Ensure the pki directories exist] *******************************************************************
changed: [68.183.204.38 -> localhost] => (item=ecparams)
changed: [68.183.204.38 -> localhost] => (item=certs)
changed: [68.183.204.38 -> localhost] => (item=crl)
changed: [68.183.204.38 -> localhost] => (item=newcerts)
changed: [68.183.204.38 -> localhost] => (item=private)
changed: [68.183.204.38 -> localhost] => (item=public)
changed: [68.183.204.38 -> localhost] => (item=reqs)

TASK [strongswan : Ensure the config directories exist] ****************************************************************
changed: [68.183.204.38 -> localhost] => (item=apple)
changed: [68.183.204.38 -> localhost] => (item=windows)
changed: [68.183.204.38 -> localhost] => (item=manual)

TASK [strongswan : Ensure the files exist] *****************************************************************************
changed: [68.183.204.38 -> localhost] => (item=.rnd)
changed: [68.183.204.38 -> localhost] => (item=private/.rnd)
changed: [68.183.204.38 -> localhost] => (item=index.txt)
changed: [68.183.204.38 -> localhost] => (item=index.txt.attr)
changed: [68.183.204.38 -> localhost] => (item=serial)

TASK [strongswan : Generate the openssl server configs] ****************************************************************
changed: [68.183.204.38 -> localhost]

TASK [strongswan : Build the CA pair] **********************************************************************************
changed: [68.183.204.38 -> localhost]

TASK [strongswan : Copy the CA certificate] ****************************************************************************
changed: [68.183.204.38 -> localhost]

TASK [strongswan : Generate the serial number] *************************************************************************
changed: [68.183.204.38 -> localhost]

TASK [strongswan : Build the server pair] ******************************************************************************
changed: [68.183.204.38 -> localhost]

TASK [strongswan : Build the client's pair] ****************************************************************************
changed: [68.183.204.38 -> localhost] => (item=ethin)
changed: [68.183.204.38 -> localhost] => (item=garrett)
changed: [68.183.204.38 -> localhost] => (item=jake)
changed: [68.183.204.38 -> localhost] => (item=devin)

TASK [strongswan : Build openssh public keys] **************************************************************************
changed: [68.183.204.38 -> localhost] => (item=ethin)
changed: [68.183.204.38 -> localhost] => (item=garrett)
changed: [68.183.204.38 -> localhost] => (item=jake)
changed: [68.183.204.38 -> localhost] => (item=devin)

TASK [strongswan : Build the client's p12] *****************************************************************************
changed: [68.183.204.38 -> localhost] => (item=ethin)
changed: [68.183.204.38 -> localhost] => (item=garrett)
changed: [68.183.204.38 -> localhost] => (item=jake)
changed: [68.183.204.38 -> localhost] => (item=devin)

TASK [strongswan : Build the client's p12 with the CA cert included] ***************************************************
changed: [68.183.204.38 -> localhost] => (item=ethin)
changed: [68.183.204.38 -> localhost] => (item=garrett)
changed: [68.183.204.38 -> localhost] => (item=jake)
changed: [68.183.204.38 -> localhost] => (item=devin)

TASK [strongswan : Copy the p12 certificates] **************************************************************************
changed: [68.183.204.38 -> localhost] => (item=ethin)
changed: [68.183.204.38 -> localhost] => (item=garrett)
changed: [68.183.204.38 -> localhost] => (item=jake)
changed: [68.183.204.38 -> localhost] => (item=devin)

TASK [strongswan : Get active users] ***********************************************************************************
changed: [68.183.204.38 -> localhost]

TASK [strongswan : Copy the keys to the strongswan directory] **********************************************************
changed: [68.183.204.38] => (item={u'dest': u'cacerts/ca.crt', u'src': u'cacert.pem', u'group': u'root', u'mode': u'0600', u'owner': u'strongswan'})
changed: [68.183.204.38] => (item={u'dest': u'certs/68.183.204.38.crt', u'src': u'certs/68.183.204.38.crt', u'group': u'root', u'mode': u'0600', u'owner': u'strongswan'})
changed: [68.183.204.38] => (item={u'dest': u'private/68.183.204.38.key', u'src': u'private/68.183.204.38.key', u'group': u'root', u'mode': u'0600', u'owner': u'strongswan'})

TASK [strongswan : Register p12 PayloadContent] ************************************************************************
ok: [68.183.204.38 -> localhost] => (item=ethin)
ok: [68.183.204.38 -> localhost] => (item=garrett)
ok: [68.183.204.38 -> localhost] => (item=jake)
ok: [68.183.204.38 -> localhost] => (item=devin)

TASK [strongswan : Set facts for mobileconfigs] ************************************************************************
ok: [68.183.204.38 -> localhost]

TASK [strongswan : Build the mobileconfigs] ****************************************************************************
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38]

TASK [strongswan : Build the client ipsec config file] *****************************************************************
changed: [68.183.204.38 -> localhost] => (item=ethin)
changed: [68.183.204.38 -> localhost] => (item=garrett)
changed: [68.183.204.38 -> localhost] => (item=jake)
changed: [68.183.204.38 -> localhost] => (item=devin)

TASK [strongswan : Build the client ipsec secret file] *****************************************************************
changed: [68.183.204.38 -> localhost] => (item=ethin)
changed: [68.183.204.38 -> localhost] => (item=garrett)
changed: [68.183.204.38 -> localhost] => (item=jake)
changed: [68.183.204.38 -> localhost] => (item=devin)

TASK [strongswan : Build the windows client powershell script] *********************************************************

TASK [strongswan : Restrict permissions for the local private directories] *********************************************
ok: [68.183.204.38 -> localhost]

TASK [strongswan : strongSwan started] *********************************************************************************
ok: [68.183.204.38]

RUNNING HANDLER [dns_adblocking : daemon-reload] ***********************************************************************
ok: [68.183.204.38]

RUNNING HANDLER [strongswan : restart strongswan] **********************************************************************
changed: [68.183.204.38]

TASK [ssh_tunneling : Ensure that the sshd_config file has desired options] ********************************************
changed: [68.183.204.38]

TASK [ssh_tunneling : Ensure that the algo group exist] ****************************************************************
changed: [68.183.204.38]

TASK [ssh_tunneling : Ensure that the jail directory exist] ************************************************************
changed: [68.183.204.38]

TASK [ssh_tunneling : Ensure that the SSH users exist] *****************************************************************
changed: [68.183.204.38] => (item=ethin)
changed: [68.183.204.38] => (item=garrett)
changed: [68.183.204.38] => (item=jake)
changed: [68.183.204.38] => (item=devin)

TASK [ssh_tunneling : Ensure the config directories exist] *************************************************************
changed: [68.183.204.38 -> localhost]

TASK [ssh_tunneling : Check if the private keys exist] *****************************************************************
ok: [68.183.204.38 -> localhost] => (item=ethin)
ok: [68.183.204.38 -> localhost] => (item=garrett)
ok: [68.183.204.38 -> localhost] => (item=jake)
ok: [68.183.204.38 -> localhost] => (item=devin)

TASK [ssh_tunneling : Build ssh private keys] **************************************************************************
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38]

TASK [ssh_tunneling : Build ssh public keys] ***************************************************************************
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38 -> localhost] => (item=None)
changed: [68.183.204.38]

TASK [ssh_tunneling : Build the client ssh config] *********************************************************************
changed: [68.183.204.38 -> localhost] => (item=ethin)
changed: [68.183.204.38 -> localhost] => (item=garrett)
changed: [68.183.204.38 -> localhost] => (item=jake)
changed: [68.183.204.38 -> localhost] => (item=devin)

TASK [ssh_tunneling : The authorized keys file created] ****************************************************************
changed: [68.183.204.38] => (item=ethin)
changed: [68.183.204.38] => (item=garrett)
changed: [68.183.204.38] => (item=jake)
changed: [68.183.204.38] => (item=devin)

TASK [ssh_tunneling : Get active users] ********************************************************************************
ok: [68.183.204.38]

TASK [Dump the configuration] ******************************************************************************************
changed: [68.183.204.38 -> localhost]

TASK [debug] ***********************************************************************************************************
ok: [68.183.204.38] => {
    "msg": [
        [
            "\"#                          Congratulations!                            #\"",
            "\"#                     Your Algo server is running.                     #\"",
            "\"#    Config files and certificates are in the ./configs/ directory.    #\"",
            "\"#              Go to https://whoer.net/ after connecting               #\"",
            "\"#        and ensure that all your traffic passes through the VPN.      #\"",
            "\"#                     Local DNS resolver 172.16.0.1                    #\"",
            ""
        ],
        "    \"#        The p12 and SSH keys password for new users is [removed] #\"\n",
        "    \"#        The CA key password is [removed]       #\"\n",
        "    \"#      Shell access: ssh -i configs/algo.pem root@68.183.204.38        #\"\n"
    ]
}

RUNNING HANDLER [ssh_tunneling : restart ssh] **************************************************************************
changed: [68.183.204.38]

PLAY RECAP *************************************************************************************************************
68.183.204.38              : ok=128  changed=85   unreachable=0    failed=0
localhost                  : ok=39   changed=10   unreachable=0    failed=0

jackivanov commented 5 years ago

19.04 is not in the upstream yet #1405