Releases: linux-system-roles/vpn
Version 1.3.5
[1.3.5] - 2022-07-19
New Features
- none
Bug Fixes
- none
Other Changes
-
gather network facts default_ipv4 default_ipv6 (#56)
- Gather fact subset
networkinstead ofmin - Ensure facts
default_ipv4anddefault_ipv6 - Ensure all tests work when using ANSIBLE_GATHERING=explicit
- Gather fact subset
-
make min_ansible_version a string in meta/main.yml (#57)
The Ansible developers say that min_ansible_version in meta/main.yml
must be a string value like "2.9", not a float value like 2.9.
- Add CHANGELOG.md (#58)
Add tests::no_serialization tag to tests/tests_host_to_host_psk.yml for CI. (#54)
Add tests::no_serialization tag to tests/tests_host_to_host_psk.yml for CI. (#54)
[citest skip] bump tox-lsr version to 2.11.0; remove py37; add py310 (#55)
tox-lsr version 2.11.0 has support for collection-requirements.yml,
runqemu improvements, and support for python 3.10
python 3.7 is not used on any supported platform, so remove it
Signed-off-by: Rich Megginson [email protected]
support gather_facts: false; support setup-snapshot.yml (#52)
support gather_facts: false; support setup-snapshot.yml (#52)
Some users use gather_facts: false in their playbooks. This changes
the role to work in that case, by gathering only the facts it requires
to run.
CI testing can be sped up by creating a snapshot image pre-installed
with packages. tests/setup-snapshot.yml can be used by a CI system
to do this.
consistently use ansible_managed in configuration files managed by role
System Roles should consistently use ansible_managed in configuration files it manages (#45)
bz#2044640
Tests need to support multiline by adding "multiline=True".
Create policy files private, clear, private-or-clear in
/etc/ipsec.d/policies/ from a template policy.j2 for the
entire file, which has the {{ ansible_managed | comment }}
header in it.
In tests_host_to_*.yml, to check the contents of secret files,
instead of comparing the entire content with the expected line,
examine if the expected line exists in the secret file to ignore
the added ansible managed comment.
Signed-off-by: Noriko Hosoi [email protected]
fix issue with filter `vpn_ipaddr` not found
script to convert vpn_ipaddr to FQCN (#46)
Have a custom script to use to convert usage of vpn_ipaddr
to FQCN when converting the role to collection format.
[citest skip] bump tox-lsr version to 2.9.1 (#49)
Signed-off-by: Rich Megginson [email protected]
Use custom vpn_ipaddr filter - remove recursive symlinks
update tox-lsr version to 2.8.0
New version adds check for proper commenting of the ansible_managed var
Signed-off-by: Sergei Petrosian [email protected]
Run the new tox test (#40)
- update tox-lsr version to 2.8.0
New version adds check for proper commenting of the ansible_managed var
Signed-off-by: Sergei Petrosian [email protected]
- Run the new tox test
Signed-off-by: Sergei Petrosian [email protected]
change recursive role symlink to individual role dir symlinks (#43)
Signed-off-by: Rich Megginson [email protected]
use custom vpn_ipaddr filter (#42)
- use custom vpn_ipaddr filter
Use a custom vpn_ipaddr filter which uses ipaddress instead of
netaddr. ipaddress is built-in to python3. On python 2 systems,
the user must install ipaddress on the controller. This is
available as python-ipaddress on all EL7 systems.
This is based on the ansible.netcommon.ipaddr filter, but with most
of the functionality removed except that which is necessary for
the VPN role.
- ensure openssl exists on the controller
The role needs openssl installed on the controller in order to
generate PSKs. If you do not need to generate PSKs, and you do
not want to install openssl on the controller, set
vpn_ensure_openssl: false.
- add filter_plugins symlink
bump tox-lsr version to 2.8.3 (#44)
Signed-off-by: Rich Megginson [email protected]
add meta/requirements.yml; test with ansible 2.12; update readme
Add meta/requirements.yml; support ansible-core 2.11
The vpn role requires ansible.netcommon.ipaddr.
Add a requirement for the ansible.netcommon collection.
Update .ansible-lint to support meta/requirements.yml.
Update meta data in main.yml.
Convert playbook-like tests/tasks/cleanup.yml to the task format.
Add meta/requirements.yml; support ansible-core 2.11
Update the "Requirements" section in README.md.
Modifications and clarifications to the readme (#33)
-
Modifications and clarifications to the readme
-
Update README.md
Resolved comments from Daiki and Rich
Co-authored-by: Richard Megginson [email protected]
support python 39, ansible-core 2.12, ansible-plugin-scan (#36)
add netaddr dep for qemu (#37)
update tox-lsr version to 2.7.1 (#38)
update the tox-lsr version used in github actions tox CI
to 2.7.1
The only difference between this an 2.7.0 is that Ansible 2.12
is now GA.
Signed-off-by: Rich Megginson [email protected]
Support ansible-core; use apt-get install -y
use tox-lsr version 2.5.1
This version removes support for molecule until we can figure out
what to do about molecule. This should make all of the tox tests
pass (except for python 2.6).
Signed-off-by: Rich Megginson [email protected]
use apt-get install -y
Signed-off-by: Rich Megginson [email protected]
use wait_for_connection instead of wait_for with ssh
The check using wait_for to check the ssh port does not work
reliably with qemu based testing, because the IP address inside
the VM is not always resolvable externally, and the port number
is different from 22 as well. Instead, use the wait_for_connection
module which explicitly tests that Ansible can connection to the
host using its transport mechanism, which I think is what this
check is trying to do.
do not use json_query - not needed here
drop support for ansible 2.8
Drop support for Ansible 2.8 by bumping the Ansible version to 2.9
min_ansible_version is now 2.9
Bug 1989197 - drop support for Ansible 2.8
https://bugzilla.redhat.com/show_bug.cgi?id=1989197
Support opportunistic mesh configuration
Support opportunistic mesh configuration - can automatically encrypt
connections to other machines on specified subnets - instead of having
to create separate pairs of connections for many machines
Support EL 7, 9
Other bug fixes
Fix lint issues