This commit is contained in:
Jack Ivanov 2016-11-03 17:21:18 +03:00
parent 0a075ccc51
commit 5383c71499
2 changed files with 13 additions and 11 deletions

View File

@ -170,6 +170,9 @@
- name: Set facts for mobileconfigs - name: Set facts for mobileconfigs
set_fact: set_fact:
proxy_enabled: false proxy_enabled: false
pkcs12_PayloadCertificateUUID: "{{ 900000 | random | to_uuid | upper }}"
VPN_PayloadIdentifier: "{{ 800000 | random | to_uuid | upper }}"
CA_PayloadIdentifier: "{{ 700000 | random | to_uuid | upper }}"
- name: Build the mobileconfigs - name: Build the mobileconfigs
template: src=mobileconfig.j2 dest=/{{ easyrsa_dir }}/easyrsa3//pki/private/{{ item.0 }}.mobileconfig mode=0600 template: src=mobileconfig.j2 dest=/{{ easyrsa_dir }}/easyrsa3//pki/private/{{ item.0 }}.mobileconfig mode=0600
@ -224,4 +227,3 @@
- include: iptables.yml - include: iptables.yml
tags: iptables tags: iptables

View File

@ -44,7 +44,7 @@
<key>LocalIdentifier</key> <key>LocalIdentifier</key>
<string>{{ item.0 }}</string> <string>{{ item.0 }}</string>
<key>PayloadCertificateUUID</key> <key>PayloadCertificateUUID</key>
<string>1FB2907D-14D3-4BAB-A472-B304F4B7F7D9</string> <string>{{ pkcs12_PayloadCertificateUUID }}</string>
<key>CertificateType</key> <key>CertificateType</key>
<string>ECDSA256</string> <string>ECDSA256</string>
<key>ServerCertificateIssuerCommonName</key> <key>ServerCertificateIssuerCommonName</key>
@ -66,11 +66,11 @@
<key>PayloadDisplayName</key> <key>PayloadDisplayName</key>
<string>VPN</string> <string>VPN</string>
<key>PayloadIdentifier</key> <key>PayloadIdentifier</key>
<string>com.apple.vpn.managed.D247A30B-6023-4C8E-B3E3-FF1910A65E53</string> <string>com.apple.vpn.managed.{{ VPN_PayloadIdentifier }}</string>
<key>PayloadType</key> <key>PayloadType</key>
<string>com.apple.vpn.managed</string> <string>com.apple.vpn.managed</string>
<key>PayloadUUID</key> <key>PayloadUUID</key>
<string>D247A30B-6023-4C8E-B3E3-FF1910A65E53</string> <string>{{ VPN_PayloadIdentifier }}</string>
<key>PayloadVersion</key> <key>PayloadVersion</key>
<real>1</real> <real>1</real>
<key>Proxies</key> <key>Proxies</key>
@ -111,11 +111,11 @@
<key>PayloadDisplayName</key> <key>PayloadDisplayName</key>
<string>{{ item.0 }}.p12</string> <string>{{ item.0 }}.p12</string>
<key>PayloadIdentifier</key> <key>PayloadIdentifier</key>
<string>com.apple.security.pkcs12.1FB2907D-14D3-4BAB-A472-B304F4B7F7D9</string> <string>com.apple.security.pkcs12.{{ pkcs12_PayloadCertificateUUID }}</string>
<key>PayloadType</key> <key>PayloadType</key>
<string>com.apple.security.pkcs12</string> <string>com.apple.security.pkcs12</string>
<key>PayloadUUID</key> <key>PayloadUUID</key>
<string>1FB2907D-14D3-4BAB-A472-B304F4B7F7D9</string> <string>{{ pkcs12_PayloadCertificateUUID }}</string>
<key>PayloadVersion</key> <key>PayloadVersion</key>
<integer>1</integer> <integer>1</integer>
</dict> </dict>
@ -131,11 +131,11 @@
<key>PayloadDisplayName</key> <key>PayloadDisplayName</key>
<string>{{ IP_subject_alt_name }}</string> <string>{{ IP_subject_alt_name }}</string>
<key>PayloadIdentifier</key> <key>PayloadIdentifier</key>
<string>com.apple.security.root.32EA3AAA-D19E-43EF-B357-608218745A38</string> <string>com.apple.security.root.{{ CA_PayloadIdentifier }}</string>
<key>PayloadType</key> <key>PayloadType</key>
<string>com.apple.security.root</string> <string>com.apple.security.root</string>
<key>PayloadUUID</key> <key>PayloadUUID</key>
<string>32EA3AAA-D19E-43EF-B357-608218745A38</string> <string>{{ CA_PayloadIdentifier }}</string>
<key>PayloadVersion</key> <key>PayloadVersion</key>
<integer>1</integer> <integer>1</integer>
</dict> </dict>
@ -148,16 +148,16 @@
{% endif %} {% endif %}
<key>PayloadIdentifier</key> <key>PayloadIdentifier</key>
{% if proxy_enabled is defined and proxy_enabled == true %} {% if proxy_enabled is defined and proxy_enabled == true %}
<string>donut.local.37CA79B1-FC6A-421F-960A-90F91FC983BA</string> <string>donut.local.{{ 600000 | random | to_uuid | upper }}</string>
{% else %} {% else %}
<string>donut.local.37CA79B1-FC6A-421F-960A-90F91FC983BE</string> <string>donut.local.{{ 500000 | random | to_uuid | upper }}</string>
{% endif %} {% endif %}
<key>PayloadRemovalDisallowed</key> <key>PayloadRemovalDisallowed</key>
<false/> <false/>
<key>PayloadType</key> <key>PayloadType</key>
<string>Configuration</string> <string>Configuration</string>
<key>PayloadUUID</key> <key>PayloadUUID</key>
<string>743B04A8-5725-45A2-B1BB-836F8C16DB0A</string> <string>{{ 400000 | random | to_uuid | upper }}</string>
<key>PayloadVersion</key> <key>PayloadVersion</key>
<integer>1</integer> <integer>1</integer>
</dict> </dict>