Giter VIP home page Giter VIP logo

stouts.openvpn's Introduction

Stouts.openvpn

Build Status Galaxy

Ansible role that installs an openvpn server

  • Install and setup OpenVPN server
  • Setup authentication

Requirements

Previous versions of the role supported generating certificates and keys for the OpenVPN server to use. Since version 3.0.0, such support has been removed and the users of the role are expected to use some other way of generating certificates/keys (eg using another Ansible role). See the example playbook for an example.

An EasyRSA role that was created specifically to compliment this role can be found here.

Supported platforms

  • Ubuntu 14.04
  • Ubuntu 16.04
  • Ubuntu 18.04
  • Debian 8
  • Debian 9
  • Centos 7

Variables

See defaults/main.yml for a full list of variables together with documentation on how to use them to configure this role.

Elastic Beats monitoring

Heartbeat monitor

The role comes bundled with a meta/monitors.yml template that can be used by Heartbeat to check if the OpenVPN server is up and running. The template can be configured via variables (they should be self-explanatory). To use it, you can use some Ansible tasks to upload it to your Heartbeat instance. For example:

- name: Add earth-kibana host
  add_host:
    name: heartbeat_instance
    hostname: "{{ heartbeat.hostname }}"
    ansible_host: "{{ heartbeat.ansible_host }}"
    ansible_password: "{{ heartbeat.ansible_password }}"
    ansible_user: "{{ heartbeat.ansible_user }}"

- name: Upload role monitors
  template:
    src: "{{ item.1 + '/' + item.0 }}/meta/monitors.yml"
    dest: "/etc/heartbeat/monitors.d/{{ inventory_hostname }}.{{ item.0.split('.')[-1] }}.yml"
  when: (item.1 + '/' + item.0 + '/meta/monitors.yml') is file
  loop: "{{ roles | product(lookup('config', 'DEFAULT_ROLES_PATH')) | list }}"
  delegate_to: heartbeat_instance

Filebeat input

The role also includes a filebeat input file that can be uploaded to a filebeat server. The input reads the OpenVPN log and reads the lines that correspond to successful connections. The role includes an Elasticsearch ingest pipeline that can be imported to Elasticsearch to parse and break the log lines into fields. The files can be found under the meta/ folder.

Example playbook

See molecule/default/converge.yml for a working example of how to use this role.

License

Licensed under the MIT License. See the LICENSE file for details.

Feedback, bug-reports, requests, ...

...are welcome!

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.