|
@@ -14,43 +14,56 @@
|
|
|
|
|
|
|
|
|
|
tasks:
|
|
tasks:
|
|
- - name: Select random NordVPN Endpoint
|
|
|
|
- ansible.builtin.set_fact:
|
|
|
|
- nord_endpoint: "{{ vaulted_openvpn_remotes | random }}"
|
|
|
|
|
|
+ - name: Change Nord Endpoint
|
|
|
|
+ ansible.builtin.shell:
|
|
|
|
+ cmd: nordvpn connect
|
|
|
|
|
|
|
|
+ - name: Query Nord Endpoint Info
|
|
|
|
+ ansible.builtin.shell:
|
|
|
|
+ cmd: "nordvpn status | grep Hostname | awk '{print $2}'"
|
|
|
|
+ register: nord_status
|
|
|
|
|
|
- - name: Set config from chosen endpoint "{{ nord_endpoint.cn }}"
|
|
|
|
- ansible.builtin.set_fact:
|
|
|
|
- nord_remote: "{{ nord_endpoint.remote }}"
|
|
|
|
- nord_cn: "{{ nord_endpoint.cn }}"
|
|
|
|
|
|
+ - name: "NordVPN Endpoint"
|
|
|
|
+ debug:
|
|
|
|
+ msg: "{{ nord_status.stdout }}"
|
|
|
|
|
|
|
|
+# - name: Select random NordVPN Endpoint
|
|
|
|
+# ansible.builtin.set_fact:
|
|
|
|
+# nord_endpoint: "{{ vaulted_openvpn_remotes | random }}"
|
|
|
|
|
|
- - name: Update config file settings
|
|
|
|
- ansible.builtin.lineinfile:
|
|
|
|
- path: /etc/openvpn/nord.conf
|
|
|
|
- regexp: "{{ item.regexp }}"
|
|
|
|
- line: "{{ item.line }}"
|
|
|
|
- loop:
|
|
|
|
- - { "label": "remote", "regexp": "^remote ", "line": "remote {{ nord_remote }} 443" }
|
|
|
|
- - { "label": "cn", "regexp": "^verify-x509-name", "line": "verify-x509-name CN={{ nord_cn }}" }
|
|
|
|
- loop_control:
|
|
|
|
- label: "{{ item.label }}"
|
|
|
|
|
|
|
|
|
|
+# - name: Set config from chosen endpoint "{{ nord_endpoint.cn }}"
|
|
|
|
+# ansible.builtin.set_fact:
|
|
|
|
+# nord_remote: "{{ nord_endpoint.remote }}"
|
|
|
|
+# nord_cn: "{{ nord_endpoint.cn }}"
|
|
|
|
|
|
- - name: Update motd script with new endpoint
|
|
|
|
- ansible.builtin.lineinfile:
|
|
|
|
- path: /usr/local/bin/vpn-endpoint
|
|
|
|
- regexp: "^endpoint="
|
|
|
|
- line: "endpoint={{ nord_cn }}"
|
|
|
|
|
|
|
|
|
|
+# - name: Update config file settings
|
|
|
|
+# ansible.builtin.lineinfile:
|
|
|
|
+# path: /etc/openvpn/nord.conf
|
|
|
|
+# regexp: "{{ item.regexp }}"
|
|
|
|
+# line: "{{ item.line }}"
|
|
|
|
+# loop:
|
|
|
|
+# - { "label": "remote", "regexp": "^remote ", "line": "remote {{ nord_remote }} 443" }
|
|
|
|
+# - { "label": "cn", "regexp": "^verify-x509-name", "line": "verify-x509-name CN={{ nord_cn }}" }
|
|
|
|
+# loop_control:
|
|
|
|
+# label: "{{ item.label }}"
|
|
|
|
|
|
- - name: Bounce {{ openvpn_service }} service
|
|
|
|
- ansible.builtin.systemd_service:
|
|
|
|
- name: "{{ openvpn_service }}"
|
|
|
|
- state: restarted
|
|
|
|
|
|
|
|
|
|
+# - name: Update motd script with new endpoint
|
|
|
|
+# ansible.builtin.lineinfile:
|
|
|
|
+# path: /usr/local/bin/vpn-endpoint
|
|
|
|
+# regexp: "^endpoint="
|
|
|
|
+# line: "endpoint={{ nord_cn }}"
|
|
|
|
|
|
- - name: Bounce unbound service
|
|
|
|
- ansible.builtin.systemd_service:
|
|
|
|
- name: unbound
|
|
|
|
- state: restarted
|
|
|
|
|
|
+
|
|
|
|
+# - name: Bounce {{ openvpn_service }} service
|
|
|
|
+# ansible.builtin.systemd_service:
|
|
|
|
+# name: "{{ openvpn_service }}"
|
|
|
|
+# state: restarted
|
|
|
|
+
|
|
|
|
+
|
|
|
|
+# - name: Bounce unbound service
|
|
|
|
+# ansible.builtin.systemd_service:
|
|
|
|
+# name: unbound
|
|
|
|
+# state: restarted
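Review bot: The `Query Nord Endpoint Info` task cannot fail when the tunnel is down, because the pipeline returns awk's exit status and a failing `nordvpn status` or `grep` only leaves `nord_status.stdout` empty; the play then reports success with no VPN endpoint, which matters on a host that presumably relies on the tunnel for egress. Run the pipeline under `set -o pipefail` with bash, mark it `changed_when: false`, and fail on an empty hostname, as in the excerpt below. `Change Nord Endpoint` uses no shell features, so `ansible.builtin.command` is the safer module there, and `debug` should be written `ansible.builtin.debug` to match the other tasks. The removed tasks also pinned `verify-x509-name` and restarted unbound after the switch; if the resolver restart is still needed after `nordvpn connect`, keep that task active rather than commented out. The play header is outside this hunk, so the indentation in the excerpt is assumed.

```yaml
    # … unchanged: Change Nord Endpoint task …
    - name: Query Nord Endpoint Info
      ansible.builtin.shell:
        cmd: "set -o pipefail; nordvpn status | grep Hostname | awk '{print $2}'"
        executable: /bin/bash
      register: nord_status
      changed_when: false
      failed_when: nord_status.rc != 0 or nord_status.stdout | trim | length == 0
    # … unchanged: NordVPN Endpoint debug task and the commented-out tasks …
```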
|