isakmpd

ansible-role-isakmpd

Configure OpenBSD isakmpd.

Requirements

None

Role Variables

| Variable | Description | Default |
|----------|-------------|---------|
| isakmpd_user | user name of the daemon | {{ __isakmpd_user }} |
| isakmpd_group | group name of the daemon | {{ __isakmpd_group }} |
| isakmpd_service | service name | isakmpd |
| isakmpd_conf | path to ipsec.conf. | {{ __isakmpd_conf }} |
| isakmpd_flags | flags for the daemon | -K |
| isakmpd_conf_dir | directory of file that the role creates as an anchor (beta) | /etc/pf.conf.d |
| isakmpd_listen_address | address for the daemon to bind to | "" |
| isakmpd_addresses | a dict of address lists that is used in isakmpd_flows | "" |
| isakmpd_flows | the flows | {} |
| isakmpd_default_flow | defaults for site and l2tp types of isakmpd_flows | {"site"=>{"main"=>{"auth_algorithm"=>"hmac-sha1", "enc_algorithm"=>"aes-128", "group"=>"modp1024", "lifetime"=>nil}, "quick"=>{"auth_algorithm"=>"hmac-sha1", "enc_algorithm"=>"aes-128", "group"=>"modp1024", "lifetime"=>nil}}, "l2tp"=>{"main"=>{"auth_algorithm"=>"hmac-sha1", "enc_algorithm"=>"aes-128", "group"=>"modp1024", "lifetime"=>nil}, "quick"=>{"auth_algorithm"=>"hmac-sha1", "enc_algorithm"=>"aes-128", "group"=>"modp1024", "lifetime"=>nil}}} |

OpenBSD

| Variable | Default |
|----------|---------|
| __isakmpd_user | _isakmpd |
| __isakmpd_group | _isakmpd |
| __isakmpd_conf | /etc/ipsec.conf |

Dependencies

None

Example Playbook

- hosts: localhost
  roles:
    - ansible-role-isakmpd
  vars:
    isakmpd_listen_address: 192.168.68.1
    isakmpd_addresses:
      peer1: 192.168.68.1
      peer2: 192.168.68.2

    isakmpd_flows:
      peer2:
        type: site
        psk: password
        main:
          lifetime: 10m
        quick:
          lifetime: 3600
      client:
        type: l2tp
        main:
          auth_algorithm: hmac-sha1
          enc_algorithm: 3des
          group: modp1024
          lifetime: 1200
        quick:
          auth_algorithm: hmac-sha2-256
          enc_algorithm: aes
          group: modp1024
        psk: password
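
The playbook above leaves several settings at the role defaults and uses a literal PSK. The following added example (not part of the role or its author's code) audits an isakmpd_flows dict before deployment. It assumes that keys set under main and quick override isakmpd_default_flow key by key; the LEGACY table and the placeholder PSK list are this example's own policy.

```python
# Added example (not part of the role): audit isakmpd_flows before deployment.
# Defaults copied from the isakmpd_default_flow row of the variable table.
PHASE_DEFAULT = {"auth_algorithm": "hmac-sha1", "enc_algorithm": "aes-128",
                 "group": "modp1024", "lifetime": None}
DEFAULT_FLOW = {kind: {"main": dict(PHASE_DEFAULT), "quick": dict(PHASE_DEFAULT)}
                for kind in ("site", "l2tp")}

# Assumption: this example's own policy, not something the role enforces.
LEGACY = {
    "3des": "64-bit block cipher",
    "modp1024": "1024-bit Diffie-Hellman group",
    "hmac-sha1": "SHA-1 based MAC, prefer hmac-sha2-256",
}
PLACEHOLDER_PSKS = {"", "password", "secret", "changeme"}


def effective_flow(flow):
    """Assumed merge: keys set per phase override the defaults for the flow type."""
    base = DEFAULT_FLOW[flow["type"]]
    return {p: {**base[p], **flow.get(p, {})} for p in ("main", "quick")}


def audit(flows):
    """Return sorted (flow, setting, value, reason) tuples for risky settings."""
    findings = []
    for name, flow in flows.items():
        for phase, params in effective_flow(flow).items():
            for key in ("auth_algorithm", "enc_algorithm", "group"):
                if params[key] in LEGACY:
                    findings.append((name, f"{phase}.{key}", params[key],
                                     LEGACY[params[key]]))
        if "psk" in flow and str(flow["psk"]).lower() in PLACEHOLDER_PSKS:
            findings.append((name, "psk", "<redacted>", "placeholder pre-shared key"))
    return sorted(findings)


# The two flows from the example playbook, as Python dicts.
EXAMPLE_FLOWS = {
    "peer2": {"type": "site", "psk": "password",
              "main": {"lifetime": "10m"}, "quick": {"lifetime": 3600}},
    "client": {"type": "l2tp", "psk": "password",
               "main": {"auth_algorithm": "hmac-sha1", "enc_algorithm": "3des",
                        "group": "modp1024", "lifetime": 1200},
               "quick": {"auth_algorithm": "hmac-sha2-256", "enc_algorithm": "aes",
                         "group": "modp1024"}},
}

if __name__ == "__main__":
    for finding in audit(EXAMPLE_FLOWS):
        print("%-7s %-20s %-11s %s" % finding)
```

For peer2 every finding except the PSK comes from inherited defaults, so an audit that reads only the playbook text would miss them.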

License

Copyright (c) 2016 Tomoyuki Sakurai <tomoyukis@reallyenglish.com>

Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

Author Information

Tomoyuki Sakurai tomoyukis@reallyenglish.com

This README was created by ansible-role-init

About

Configures OpenBSD isakmpd

Install
ansible-galaxy install trombik/ansible-role-isakmpd
License
isc