ocserv
Ansible Role: Ocserv
This role installs OpenConnect SSL VPN Server (ocserv).
What is Ocserv?
Ocserv is an open source SSL VPN server. Check out https://gitlab.com/ocserv/ocserv for more info.
Requirements
- Ansible >= 2.0
Usage
NOTE: This role attempts to use sane defaults so that it can be run without needing to override any role default variables.
Assuming you'd like to execute Ansible from the same host that you'd like to install Ocserv on and you're on a RHEL-like distro, the steps are:
- Install Ansible
$ sudo dnf install ansible # yum install ansible
- Get the role from Ansible Galaxy
$ sudo ansible-galaxy install aprt5pr.ocserv
- Update Ansible inventory
$ echo "127.0.0.1" | sudo tee -a /etc/ansible/hosts
- Create a playbook
$ mkdir my-playbook
$ cd my-playbook
$ echo -e "---\n\n- hosts: all\n roles:\n - aprt5pr.ocserv" > site.yml
- Run it!
$ ansible-playbook site.yml --become --ask-sudo-pass
If everything goes OK, you'll have Ocserv configured with a plain authentication user named alice.
Gotchas
- This role (currently) does not:
- Configure any source NAT. You'll need to configure this manually (e.g.
firewall-cmd --zone=public --add-masquerade). - Manage the firewall
- Clients may be unable to connect to the VPN remotely. The following should get you up and running:
firewall-cmd --zone=public --add-port=443/tcpfirewall-cmd --zone=public --add-port=443/udp
- Connected clients will be able to access services that are listening on all addresses(!)
- Clients may be unable to connect to the VPN remotely. The following should get you up and running:
- Configure any source NAT. You'll need to configure this manually (e.g.
How can I contribute code to this project?
- Fork this project
- Commit your changes
- Open a Merge Request
Install
ansible-galaxy install aprt5pr/lansible-role-ocservLicense
other
Downloads
93
Owner