--- # Add as many users as you want for your VPN server here users: - dan - jack # Add an email address to send logs if you're using auditd for monitoring. # Avoid using '+' in your email address otherwise auditd will fail to start. auditd_action_mail_acct: email@example.com ### Advanced users only below this line ### # If True re-init all existing certificates. (True or False) easyrsa_reinit_existent: False vpn_network: 10.19.48.0/24 # https://www.sixxs.net/tools/whois/?fd9d:bc11:4020::/48 vpn_network_ipv6: 'fd9d:bc11:4020::/48' server_name: "{{ ansible_ssh_host }}" IP_subject_alt_name: "{{ ansible_ssh_host }}" dns_servers: ipv4: - 8.8.8.8 - 8.8.4.4 ipv6: - 2001:4860:4860::8888 - 2001:4860:4860::8844 # IP address for the proxy and the local dns resolver local_service_ip: 172.16.0.1 pkcs12_PayloadCertificateUUID: "{{ 900000 | random | to_uuid | upper }}" VPN_PayloadIdentifier: "{{ 800000 | random | to_uuid | upper }}" CA_PayloadIdentifier: "{{ 700000 | random | to_uuid | upper }}" # Block traffic between connected clients BetweenClients_DROP: Y congrats: common: | "# Congratulations! #" "# Your Algo server is running. #" "# Config files and certificates are in the ./configs/ directory. #" "# Go to https://whoer.net/ after connecting #" "# and ensure that all your traffic passes through the VPN. #" "# Local DNS resolver and Proxy IP address: {{ local_service_ip }} #" p12_pass: | "# The p12 and SSH keys password is {{ easyrsa_p12_export_password }} #" ca_key_pass: | "# The CA key password is {{ easyrsa_CA_password }} #" ssh_access: | "# Shell access: ssh -i {{ ansible_ssh_private_key_file|default(omit) }} {{ ansible_ssh_user|default(omit) }}@{{ ansible_ssh_host|default(omit) }} #" SSH_keys: comment: algo@ssh private: configs/algo.pem public: configs/algo.pem.pub dynamic_inventory_groups: - azure - digitalocean - ec2 - gce - local