algo/gce.yml

- name: Configure the server and install required software
  hosts: localhost
  gather_facts: false

  vars:
    zones:
      "1": "us-central1-a"
      "2": "us-central1-b"
      "3": "us-central1-c"
      "4": "us-central1-f"
      "5": "us-east1-b"
      "6": "us-east1-c"
      "7": "us-east1-d"
      "8": "europe-west1-b"
      "9": "europe-west1-c"
      "10": "europe-west1-d"
      "11": "asia-east1-a"
      "12": "asia-east1-b"
      "13": "asia-east1-c"

  vars_prompt:
  - name: "credentials_file"
    prompt: "Enter the local path to your credentials JSON file [ex: ~/gogle_cloud.json] (https://support.google.com/cloud/answer/6158849?hl=en&ref_topic=6262490#serviceaccounts):\n"
    private: no

  - name: "ssh_public_key"
    prompt: "Enter the local path to your SSH public key:\n"
    default: "~/.ssh/id_rsa.pub"
    private: no

  - name: "zone"
    prompt: >
      What zone should the server be located in?
        1. Central US       (Iowa A)
        2. Central US       (Iowa B)
        3. Central US       (Iowa C)
        4. Central US       (Iowa F)
        5. Eastern US       (South Carolina B)
        6. Eastern US       (South Carolina C)
        7. Eastern US       (South Carolina D)
        8. Western Europe   (Belgium B)
        9. Western Europe   (Belgium C)
        10. Western Europe  (Belgium D)
        11. East Asia       (Taiwan A)
        12. East Asia       (Taiwan B)
        13. East Asia       (Taiwan C)
      Please choose the number of your zone. Press enter for default (#8) zone.
    default: "8"
    private: no

  - name: "server_name"
    prompt: "Name the vpn server:\n"
    default: "algo"
    private: no

  - name: "dns_enabled"
    prompt: "Do you want to use a local DNS resolver to block ads while surfing? (Y or N):\n"
    default: "Y"
    private: no

  - name: "auditd_enabled"
    prompt: "Do you want to use auditd ? (Y or N):\n"
    default: "Y"
    private: no
    
  - name: "easyrsa_p12_export_password"
    prompt: "Enter the password for p12 certificates:\n"
    default: "vpn"
    private: yes

  roles:
    - cloud-gce

- name: Post-provisioning tasks
  hosts: vpn-host
  gather_facts: false
  become: true
  vars_files:
    - config.cfg

  pre_tasks:
    - name: Install prerequisites
      raw: sudo apt-get update -qq && sudo apt-get install -qq -y python2.7
    - name: Configure defaults
      raw: sudo update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1

  roles:
    - common
    - security
    - proxy
    - vpn
    - { role: dns_adblocking , when: dns_enabled is defined and dns_enabled == "Y" }
    - { role: logging, when: auditd_enabled is defined and auditd_enabled == 'Y' }
google and azure 2016-08-14 11:13:23 +00:00			`- name: Configure the server and install required software`
			`hosts: localhost`
			`gather_facts: false`

			`vars:`
Google Cloud Engine #27 2016-08-14 13:36:50 +00:00			`zones:`
			`"1": "us-central1-a"`
			`"2": "us-central1-b"`
			`"3": "us-central1-c"`
			`"4": "us-central1-f"`
			`"5": "us-east1-b"`
			`"6": "us-east1-c"`
			`"7": "us-east1-d"`
			`"8": "europe-west1-b"`
			`"9": "europe-west1-c"`
			`"10": "europe-west1-d"`
			`"11": "asia-east1-a"`
			`"12": "asia-east1-b"`
			`"13": "asia-east1-c"`
google and azure 2016-08-14 11:13:23 +00:00
Google Cloud Engine #27 2016-08-14 13:36:50 +00:00			`vars_prompt:`
			`- name: "credentials_file"`
			`prompt: "Enter the local path to your credentials JSON file [ex: ~/gogle_cloud.json] (https://support.google.com/cloud/answer/6158849?hl=en&ref_topic=6262490#serviceaccounts):\n"`
			`private: no`
linting 2016-08-16 03:32:44 +00:00
Google Cloud Engine #27 2016-08-14 13:36:50 +00:00			`- name: "ssh_public_key"`
default value for a public key 2016-08-17 20:39:18 +00:00			`prompt: "Enter the local path to your SSH public key:\n"`
default value for a public key #54 2016-08-17 20:38:34 +00:00			`default: "~/.ssh/id_rsa.pub"`
linting 2016-08-16 03:32:44 +00:00			`private: no`
google and azure 2016-08-14 11:13:23 +00:00
Google Cloud Engine #27 2016-08-14 13:36:50 +00:00			`- name: "zone"`
			`prompt: >`
			`What zone should the server be located in?`
			`1. Central US (Iowa A)`
			`2. Central US (Iowa B)`
			`3. Central US (Iowa C)`
			`4. Central US (Iowa F)`
			`5. Eastern US (South Carolina B)`
			`6. Eastern US (South Carolina C)`
			`7. Eastern US (South Carolina D)`
			`8. Western Europe (Belgium B)`
			`9. Western Europe (Belgium C)`
			`10. Western Europe (Belgium D)`
			`11. East Asia (Taiwan A)`
			`12. East Asia (Taiwan B)`
			`13. East Asia (Taiwan C)`
			`Please choose the number of your zone. Press enter for default (#8) zone.`
			`default: "8"`
			`private: no`
linting 2016-08-16 03:32:44 +00:00
Google Cloud Engine #27 2016-08-14 13:36:50 +00:00			`- name: "server_name"`
			`prompt: "Name the vpn server:\n"`
			`default: "algo"`
			`private: no`
linting 2016-08-16 03:32:44 +00:00
Google Cloud Engine #27 2016-08-14 13:36:50 +00:00			`- name: "dns_enabled"`
			`prompt: "Do you want to use a local DNS resolver to block ads while surfing? (Y or N):\n"`
			`default: "Y"`
			`private: no`
linting 2016-08-16 03:32:44 +00:00
Google Cloud Engine #27 2016-08-14 13:36:50 +00:00			`- name: "auditd_enabled"`
			`prompt: "Do you want to use auditd ? (Y or N):\n"`
			`default: "Y"`
			`private: no`
p12 moved into playbooks 2016-08-18 08:16:22 +00:00
			`- name: "easyrsa_p12_export_password"`
			`prompt: "Enter the password for p12 certificates:\n"`
			`default: "vpn"`
			`private: yes`
linting 2016-08-16 03:32:44 +00:00
google and azure 2016-08-14 11:13:23 +00:00			`roles:`
rename the cloud roles 2016-08-16 04:00:26 +00:00			`- cloud-gce`
google and azure 2016-08-14 11:13:23 +00:00
			`- name: Post-provisioning tasks`
			`hosts: vpn-host`
			`gather_facts: false`
			`become: true`
			`vars_files:`
			`- config.cfg`
linting 2016-08-16 03:32:44 +00:00
google and azure 2016-08-14 11:13:23 +00:00			`pre_tasks:`
			`- name: Install prerequisites`
			`raw: sudo apt-get update -qq && sudo apt-get install -qq -y python2.7`
			`- name: Configure defaults`
linting 2016-08-16 03:32:44 +00:00			`raw: sudo update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1`
google and azure 2016-08-14 11:13:23 +00:00
			`roles:`
			`- common`
			`- security`
Split the features role in two #49 2016-08-17 20:26:17 +00:00			`- proxy`
google and azure 2016-08-14 11:13:23 +00:00			`- vpn`
Split the features role in two #49 2016-08-17 20:26:17 +00:00			`- { role: dns_adblocking , when: dns_enabled is defined and dns_enabled == "Y" }`
linting 2016-08-16 03:32:44 +00:00			`- { role: logging, when: auditd_enabled is defined and auditd_enabled == 'Y' }`