Done. #96

8 years ago · 8c284a16e3
parent 062426e0ec
commit 8c284a16e3
3 changed files with 51 additions and 1 deletions
--- a/roles/proxy/tasks/main.yml
+++ b/roles/proxy/tasks/main.yml
@ -84,3 +84,29 @@
    - restart apache2

 - meta: flush_handlers
+
+- name: Set facts for mobileconfigs
+  set_fact:
+    proxy_enabled: true
+
+- name: Register p12 PayloadContent
+  shell: >
+    cat /{{ easyrsa_dir }}/easyrsa3//pki/private/{{ item }}.p12 | base64
+  register:  PayloadContent
+  with_items: "{{ users }}"
+
+- name: Register CA PayloadContent
+  shell: >
+    cat /{{ easyrsa_dir }}/easyrsa3/pki/ca.crt | base64
+  register:  PayloadContentCA
+
+- name: Build the mobileconfigs
+  template: src=roles/vpn/templates/mobileconfig.j2 dest=/{{ easyrsa_dir }}/easyrsa3//pki/private/{{ item.0 }}_proxy.mobileconfig mode=0600
+  with_together:
+    - "{{ users }}"
+    - "{{ PayloadContent.results }}"
+  no_log: True
+
+- name: Fetch users mobileconfig
+  fetch: src=/{{ easyrsa_dir }}/easyrsa3//pki/private/{{ item }}_proxy.mobileconfig dest=configs/{{ IP_subject_alt_name }}_{{ item }}_proxy.mobileconfig flat=yes
+  with_items: "{{ users }}"
--- a/roles/vpn/tasks/main.yml
+++ b/roles/vpn/tasks/main.yml
@ -167,6 +167,10 @@
    cat /{{ easyrsa_dir }}/easyrsa3/pki/ca.crt | base64
  register:  PayloadContentCA

+- name: Set facts for mobileconfigs
+  set_fact:
+    proxy_enabled: false
+
 - name: Build the mobileconfigs
  template: src=mobileconfig.j2 dest=/{{ easyrsa_dir }}/easyrsa3//pki/private/{{ item.0 }}.mobileconfig mode=0600
  with_together:
--- a/roles/vpn/templates/mobileconfig.j2
+++ b/roles/vpn/templates/mobileconfig.j2
@ -76,12 +76,24 @@
            <key>Proxies</key>
            <dict>
                <key>HTTPEnable</key>
-                <integer>0</integer>
+{% if proxy_enabled is defined and proxy_enabled == true %}
+                <integer>1</integer>
+                <key>HTTPPort</key>
+                <integer>8118</integer>
+                <key>HTTPProxy</key>
+                <string>{{ local_service_ip }}</string>
+  {% else %}
+                <integer>1</integer>
+{% endif %}
                <key>HTTPSEnable</key>
                <integer>0</integer>
            </dict>
            <key>UserDefinedName</key>
+{% if proxy_enabled is defined and proxy_enabled == true %}
+            <string>{{ IP_subject_alt_name }} IKEv2 with proxy</string>
+  {% else %}
            <string>{{ IP_subject_alt_name }} IKEv2</string>
+{% endif %}
            <key>VPNType</key>
            <string>IKEv2</string>
        </dict>
@ -129,9 +141,17 @@
        </dict>
    </array>
    <key>PayloadDisplayName</key>
+{% if proxy_enabled is defined and proxy_enabled == true %}
+    <string>{{ IP_subject_alt_name }} IKEv2 with proxy</string>
+  {% else %}
    <string>{{ IP_subject_alt_name }} IKEv2</string>
+{% endif %}
    <key>PayloadIdentifier</key>
+{% if proxy_enabled is defined and proxy_enabled == true %}
+    <string>donut.local.37CA79B1-FC6A-421F-960A-90F91FC983BA</string>
+  {% else %}
    <string>donut.local.37CA79B1-FC6A-421F-960A-90F91FC983BE</string>
+{% endif %}
    <key>PayloadRemovalDisallowed</key>
    <false/>
    <key>PayloadType</key>