openvpn-install-connector: install and run connector with user given …

…token
TheShellLand · May 3, 2024 · 4386802 · 4386802
1 parent e923da8
commit 4386802
Show file tree

Hide file tree

Showing 2 changed files with 57 additions and 7 deletions.
diff --git a/playbooks/openvpn-install-connector.yml b/playbooks/openvpn-install-connector.yml
@@ -1,4 +1,6 @@
 ---
 - hosts: all
   roles:
-    - openvpn-install-connector
+    - openvpn-install-connector
+  vars:
+    OPENVPN_CONNECTOR_TOKEN:
diff --git a/playbooks/roles/openvpn-install-connector/tasks/Debian.yml b/playbooks/roles/openvpn-install-connector/tasks/Debian.yml
@@ -15,15 +15,63 @@
   register: shell
   changed_when: shell.stdout
 
-#- name: install connector
+#- name: install connector online
 #  shell: |
 #    curl -O https://network-gateway.openvpn.com/network-gate/api/v1/scripts/VWJ1bnR1IDIyLjA0/gateway/ubuntu_22_04.sh
 #    chmod +x ubuntu_22_04.sh
 #    ./ubuntu_22_04.sh
 #  become: yes
 
-#- name: copy /usr/bin/openvpn-connector-setup
-#  copy:
-#    src: usr/bin/openvpn-connector-setup
-#    dest: /usr/bin/openvpn-connector-setup
-#  become: yes
+# https://network-gateway.openvpn.com/network-gate/api/v1/scripts/VWJ1bnR1IDIyLjA0/gateway/ubuntu_22_04.sh
+- name: run ubuntu_22_04.sh
+  shell: |
+    #!/bin/bash
+
+    # Install dependencies
+    sudo apt update
+    sudo apt install curl
+
+    # Install the OpenVPN repository key used by the OpenVPN packages
+    sudo mkdir -p /etc/apt/keyrings
+    curl -fsSL https://packages.openvpn.net/packages-repo.gpg | sudo tee /etc/apt/keyrings/openvpn.asc
+
+    # Add the OpenVPN repository
+    echo "deb [signed-by=/etc/apt/keyrings/openvpn.asc] https://packages.openvpn.net/openvpn3/debian $(lsb_release -c -s) main" | sudo tee /etc/apt/sources.list.d/openvpn-packages.list
+    sudo apt update
+
+    # Install OpenVPN Connector setup tool
+    sudo apt install python3-openvpn-connector-setup
+
+    # Enable IP forwarding
+    sudo sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
+    sudo sed -i 's/#net.ipv6.conf.all.forwarding=1/net.ipv6.conf.all.forwarding=1/g' /etc/sysctl.conf
+    sudo sysctl -p
+
+    # Configure NAT
+    IF=$(ip route | grep -m 1 default | awk '{print $5}')
+    sudo iptables -t nat -A POSTROUTING -o $IF -j MASQUERADE
+    sudo ip6tables -t nat -A POSTROUTING -o $IF -j MASQUERADE
+    sudo DEBIAN_FRONTEND=noninteractive apt install -y iptables-persistent
+
+    # Run openvpn-connector-setup to import ovpn profile and connect to VPN.
+    # You will be asked to provide setup token, You can get it from the
+    # Linux Connector configuration page in CloudConnexa Portal.
+    #sudo openvpn-connector-setup
+
+  become: yes
+  register: shell
+  changed_when: false
+
+- name: openvpn-connector-setup --version
+  shell: |
+    openvpn-connector-setup --version
+  become: yes
+  register: shell
+  changed_when: shell.stderr
+
+- name: openvpn-connector-setup --force --token
+  shell: |
+    openvpn-connector-setup --force --token {{ OPENVPN_CONNECTOR_TOKEN }}
+  become: yes
+  register: shell
+  changed_when: shell.stderr