Role for Dante installation and configuration.
- role: danteAlthough, it will use the default configuration, which could not suit the target environment (e.g. protocols and interfaces). Usage example with custom parameters:
- role: dante
dante_internal:
- '0.0.0.0 port = 1080'
- ':: port = 1080'
dante_internal_protocol:
- ipv4
- ipv6
dante_external:
- eth0
dante_external_protocol:
- ipv4
- ipv6
dante_socksmethod: 'pam.username none'
dante_clientmethod: 'none'
dante_pam_auth:
user: 'some_username'
password: 'password123'
dante_access_rules:
- { name: test,
mode: block,
from: '192.0.2.22/24',
to: '0.0.0.0/0',
log: 'error'
}
dante_command_rules:
- { comment: test,
action: block,
socksmethod: none,
from: '0.0.0.0/0',
to: 'www.example.org',
command: 'bind connect udpassociate',
protocol: tcp udp,
log: 'error'
}| Param | Default | Description |
|---|---|---|
dante_setup |
full |
Setup mode. See OSSHelp KB article |
dante_internal |
see defaults | Array to describe where daemon should listen on. |
dante_internal_protocol |
[ipv4, ipv6] |
Array, describing which protocols should be used for incoming traffic. |
dante_external |
[eth0] |
Array, describing which interfaces should be used for outgoing traffic. |
dante_external_protocol |
[ipv4, ipv6] |
Array, describing which protocols should be used for outgoing traffic. |
dante_socksmethod |
- | Sets socks authentication method, see the docs |
dante_clientmethod |
- | Sets client authentication method, see the docs |
dante_access_rules |
- | Array for setting client access rules, see the docs and example above. |
dante_command_rules |
- | Array for setting command rules, see the docs and example above. |
systemd_unit_override |
- | Options for enable systemd unit override for dante (false by default). |
dante_pam_auth.user, dante_pam_auth.password |
- | Username and password for PAM Authentication |
None, so far.
- add focal support
GPL3
OSSHelp Team, see https://oss.help