Skip to content

Commit

Permalink
Openvpn (#80)
Browse files Browse the repository at this point in the history 
This bootstraps the OpenVPN host for @ainghazal to setup a openvpn
server on it.

He can potentially use this galaxy module to bootstrap the openvpn
server: https://github.com/robertdebock/ansible-role-openvpn
  • Loading branch information
@hellais
hellais authored Jul 25, 2024
1 parent d820d3c commit f91f8b3
Show file tree
Hide file tree
Showing 5 changed files with 50 additions and 0 deletions.
29 changes: 29 additions & 0 deletions ansible/host_vars/openvpn-server1.ooni.io
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
ssh_users:
agrabeli:
login: agrabeli
comment: Maria Xynou
keys: ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDD0JSwM+t3Uz9lS3Mjoz9oo4vOToWyzboZhYQbP8JY5HvFtAvWanWHnUBO91t6hkgKIMiUqhdCJn26fqkhSGe/bRBaFUocOmuyfcmZoRdi0qzAskmycJsj/w6vWR4x6MYkmJvSeI/MGxjEFt4s2MfOG1tP8CBLUYft9qUleeJa7Jln8c+xbnqB7YngaI190icQHE9NuIB2CXvzbmo3tLtHNMagEwI7VoBDj6mxzTxBd9JhuhF4w5uGxxm0Gp1hzk+15obNnaBS+Anr7jXz8FPwwxCH+XhBZxB1PPpcIayKrf9iLyGtwmhkdDoWCqYAr1mue3LxFso+TZF4bwE4Cjt1 agrabelh@agrabelh"]
art:
login: art
comment: Arturo Filasto
keys: ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJsibU0nsQFFIdolD1POzXOws4VetV0ZNByINRzY8Hx0 [email protected]"]
majakomel:
login: majakomel
comment: Maja Komel
keys:
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC7gWQL4h/IyMbwDuMIXbTVmNEm8Yx19Ftt0P2e3OyWctSMH7WGaHc6b0dGoGh6Y4x0Kpw5h0iHWshP8Rg0pckNG9LeDjLY9nLR3Jv66ogFQtFi1DAlg4CXe369N70rBN9iurndgXjShW9OV+bY+MOlW8Fmmm67Vg0xFiYuYzjgUOpl4ofkbLGAQ7sJRBzpDV6TqHhGfOdYMDJyfFvurVz0oSyEZPFFRv4Css9iVk7BGsBukCCpUuax8akEeEjxWWCvjYXva7OA0jHKayfPAroZx/OJh01rhFe7wxlu5JwUKOcevvAZqeHh6200C82ijZOCN+Qq9yvxOH+OgzhnQwnoetIbGFgnb4CkDxo7dVLc/DFyObznC4f26f5D1OyPMUX8AEarEVdEPwsEfD2ePQr6qek0XWCWtYvGklb+GRLk9Yn0VL1qwvgrtstHdeXsKONTPKRxaCjWHu18dQaG2qOUnZ+St6SHeL49CN9aav2azNI/YKoQ9SGR4D23XeBRsW8="
mehul:
login: mehul
comment: Mehul Gulati
keys:
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDEZSA9TKUaYWG8gfnMoyDZO2S6vsy87xma4R/EzNpveZiOZTYSNn+UDL8NpQRuH5YgdWuQV2E7sKw/PIYA0lC/QTiq8Btqf6sEK5YWXtQy+yn9q5kB/rmi8zjaz0FUNigRrjL+26ao+c7NKpgmR+TRqbRd5VeJ46PuFD5M3c+MBeUoF1PT0zfioQFJ1mQoXwVix0n260clEXQDp4t0GZuNpWGTS+YTuJZ2vl6TDZtt8jrnENd99QArr2KU+NMTq8T2KYcPeQOoYsm7v/1TBkbv9UStllhjdE7HZSivPT8oRkF2YZYgytDxtCZG8i5iCK+vbNn6QmZMjuXPoBUeW+Njm70tlsirrKpUX+QiogA2qljxPD9st2eUkA7cATyOBkK7WLh1HYv2xyKpPtkkaELG+EHjmaVjVdyVAgUYwqg+MbIw1OyDpNmMZcW3iOpGpflXPMmLjKNMhee0//G7NxcGfwmIMbIiBkeofOnWDrMo+0PRULFtn6C7aA7ddirck+k="
norbel:
login: norbel
comment: Norbel Ambanumben
keys:
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBXprrutdT6AhrV9hWBKjyzq6RqGmCBWpWxi3qwJyRcBJfkiEYKV9QWl3H0g/Sg9JzLd9lWG2yfAai7cyBAT4Ih0+OhwQ0V7wkhBn4YkNjs7d4BGPHjuLIywS9VtmiyH7VafikMjmqPLL/uPBIbRrx9RuSfLkAuN9XFZpVmqzWY8ePpcRCvnG6ucPxEY8o+4j5nfTrgxSaIT31kH16/PFJe07tn1SZjxZE4sZTz/p9xKt6s8HXmlP3RdnXSpXWmH8ZwYDrNhkcH8m6mC3giiqSKThFdwvQVflRRvn9pAlUOhy6KIBtAt1KobVJtOCPrrkcLhQ1C+2P9wKhfYspCGrScFGnrUqumLxPpwlqILxJvmgqGAtkm8Ela9f2D9sEv8CUv5x9XptZKlyRhtOLixvLYoJlwfXXnmXa8T1pg8+4063BhHUOu/bg0InpSp3hdscOfk0R8FtDlXnn6COwbPXynIt4PxzIxD/WQhP0ymgH3ky6ClB5wRBVhOqYvxQw32n2QFS9A5ocga+nATiOE7BTOufgmDCA/OIXfJ/GukXRaMCBsvlx7tObHS1LOMt0I+WdoOEjI0ARUrFzwoiTrs9QYmd922e7S35EnheT3JjnCTjebJrCNtwritUy8vjsN/M27wJs7MAXleT7drwXXnm+3xYrH+4KQ+ru0dxMe1zfBw== [email protected]"
ain:
login: ain
comment: Ain
keys: ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH6Js4xtJq7AoYA8mFraQg8vYgKz/glil9AaPq4lDwtg ain@intertubes"]
admin_usernames: [ art, majakomel, mehul, norbel, ain ]
1 change: 1 addition & 0 deletions ansible/inventory
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
[all]
monitoring.ooni.org
openvpn-server1.ooni.io
7 changes: 7 additions & 0 deletions ansible/playbook.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,3 +20,10 @@
- prometheus
- prometheus_blackbox_exporter
- prometheus_alertmanager

- name: Setup OpenVPN server
hosts: openvpn-server1.ooni.io
become: true
remote_user: root
roles:
- ssh_users
5 changes: 5 additions & 0 deletions ansible/roles/ssh_users/tasks/main.yml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,9 @@
---
- name: ensure admin group exists
group:
name: "{{ admin_group_name }}"
state: present

- name: create admin users
tags: ssh_users
user:
Expand Down
8 changes: 8 additions & 0 deletions tf/environments/prod/dns_records.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -997,3 +997,11 @@ resource "aws_route53_record" "test-ooni-nu-_NS_" {
type = "NS"
zone_id = local.dns_root_zone_ooni_nu
}

resource "aws_route53_record" "openvpn-server1-ooni-io-_A_" {
name = "openvpn-server1.ooni.io"
records = ["37.218.243.98"]
ttl = "60"
type = "A"
zone_id = local.dns_root_zone_ooni_io
}

0 comments on commit f91f8b3

Please sign in to comment.