npppd
ansible-role-npppd
Configure OpenBSD's npppd(8).
Requirements
Only supported platform is OpenBSD.
Role Variables
The role dose not yet support all configurations found in npppd.conf(5).
Variable | Description | Default |
---|---|---|
npppd_user | user name of the daemon | _npppd |
npppd_group | group name of the daemon | _npppd |
npppd_conf_dir | dir of config files | /etc/npppd |
npppd_service | the service name | npppd |
npppd_conf | path to npppd.conf | {{ npppd_conf_dir }}/npppd.conf |
npppd_users_file | the path to npppd-users | {{ npppd_conf_dir }}/npppd-users |
npppd_flags | "" | |
npppd_users | a dict of ppp users that is used by local authentication | {} |
npppd_tunnel | a dict of tunnels | {} |
npppd_ipcp | a dict of ipcp | {} |
npppd_interface | a dict of interfaces | {} |
npppd_authentication | a dict of authentications | {} |
npppd_bind | bind tunnel, authentication, and interface | [] |
npppd_tunnel
the tunnel for PPP.
npppd_tunnel:
l2tp_tunnel:
protocol: l2tp
options:
- "listen_on {{ ansible_default_ipv4.address }}"
npppd_interface
a dict of interface configuration.
npppd_interface:
pppx0:
address: 192.168.100.254
ipcp: ipcp1
pppx1:
address: 192.168.200.254
ipcp: ipcp2
npppd_ipcp
a dict of ipcp.
npppd_ipcp:
ipcp1:
- pool-address 192.168.100.1-192.168.100.250
- dns-servers 8.8.8.8
ipcp2:
- pool-address 192.168.200.1-192.168.200.250
- dns-servers 8.8.8.8
npppd_authentication
This valiable is a dict of name of authetication method. Name can be arbitary. The value of the key is a dict of configuration.
key | value |
---|---|
type | radius or local |
options | array of lines of configurations for the authentication (optional) |
type: local
When type is local
, users-file
key must exist. the value should be path to
npppd-users(5).
npppd_authentication:
LOCAL:
type: local
options:
- users-file "{{ npppd_users_file }}"
type: radius
When type is radius
, servers
key must exist. The value is a dict of servers.
key | value |
---|---|
port | port number of radius (optional) |
secret | password for radius |
options | array of lines of configurations for the server (optional) |
npppd_authentication:
RADIUS:
type: radius
options:
- strip-nt-domain no
servers:
127.0.0.1:
port: 1812
secret: password
options:
- timeout 10
server2.example.org:
port: 1812
secret: password
options:
- timeout 10
npppd_bind
npppd_bind
binds tunnel, authetication, and interface
npppd_bind:
-
from: l2tp_tunnel
authenticated_by: LOCAL
to: pppx0
Dependencies
None
Example Playbook
See npppd.conf(5).
Simple L2TP configuration
- hosts: localhost
roles:
- ansible-role-npppd
vars:
npppd_tunnel:
l2tp_tunnel:
protocol: l2tp
options:
- "listen on {{ ansible_default_ipv4.address }}"
- "lcp-keepalive yes"
- "tcp-mss-adjust yes"
npppd_ipcp:
ipcp1:
- pool-address 192.168.100.1-192.168.100.250
- dns-servers 8.8.8.8
npppd_interface:
pppx0:
address: 192.168.100.254
ipcp: ipcp1
npppd_authentication:
LOCAL:
type: local
options:
- 'users-file "{{ npppd_users_file }}"'
npppd_bind:
-
from: l2tp_tunnel
authenticated_by: LOCAL
to: pppx0
npppd_users:
foo:
password: 'password:\^'
bar-:
password: password
framed-ip-address: 192.168.100.1
buz_:
password: password
framed-ip-network: 192.168.101.0/24
Same but authenticates users by RADIUS
- hosts: localhost
roles:
- ansible-role-npppd
vars:
npppd_tunnel:
l2tp_tunnel:
protocol: l2tp
options:
- "listen on {{ ansible_default_ipv4.address }}"
npppd_ipcp:
ipcp1:
- pool-address 192.168.100.1-192.168.100.250
- dns-servers 8.8.8.8
npppd_interface:
pppx0:
address: 192.168.100.254
ipcp: ipcp1
npppd_authentication:
RADIUS:
type: radius
options:
- strip-nt-domain no
servers:
127.0.0.1:
port: 1812
secret: password
options:
- timeout 10
npppd_bind:
-
from: l2tp_tunnel
authenticated_by: RADIUS
to: pppx0
License
Copyright (c) 2016 Tomoyuki Sakurai <[email protected]>
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
Author Information
Tomoyuki Sakurai tomoyukis@reallyenglish.com
This README was created by ansible-role-init
Install
ansible-galaxy install trombik/ansible-role-npppd
License
isc
Downloads
23
Owner
PGP finger print: 03EB 3D97 5E04 9B0C AB21 93A2 D693 42A9 EFBC 3577
Makerspace and Coliving in Siem Reap, Cambodia: http://info.mkrsgh.org/