ansible-role-strongswan/README.md

# Ansible role: Strongswan

[![Version](https://img.shields.io/badge/latest_version-1.0.0-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-strongswan/releases)
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-strongswan/src/branch/master/LICENSE)

Install and configure a IPSEC server with strongswan

## Requirements

* Ansible >= 2.9
* Debian
  * Buster
  * Bullseye

## Role variables

- `strongswan_default_config` - set the default connection config

```
  type: tunnel
  auto: start
  keyexchange: ikev1
  authby: secret
  ike: aes256-sha256-modp2048
  esp: aes256-sha256-modp2048
  ikelifetime: 10800s
  lifetime: 3600s
  aggressive: false
```

`strongswan_connections` - hash with the IPSEC connections

```
   test-ipsec:
     left: 192.168.0.1
     leftsubnet: 10.0.0.0/24
     right: 192.168.0.2
     rightsubnet: 10.1.0.0/24
     psk: secret
```

## How to use

```
- hosts: server
  roles:
    - strongswan
```

## Development

### Test with molecule and docker

* install [docker](https://docs.docker.com/engine/installation/)
* install `python3` and `python3-pip`
* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
* run `molecule test`

## License

```
Copyright (c) 2021 Adrien Waksberg

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
```