ansible-playbooks/obfs4-openvpn-server/playbook.yml

- hosts: vpnservers
  gather_facts: yes
  become_user: root
  tasks:
  - name: Check OpenVPN installation.
    stat: 
      path: /etc/openvpn/server.conf
    register: openvpn_config_file
  - name: Download OpenVPN install script.
    get_url:
      url: https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh
      dest: /etc/openvpn-install.sh
    when: openvpn_config_file.stat.exists == false
  - name: Install OpenVPN.
    command: bash /etc/openvpn-install.sh
    environment:
      APPROVE_INSTALL: y
      APPROVE_IP: y
      IPV6_SUPPORT: n
      PORT_CHOICE: 1
      PROTOCOL_CHOICE: 2
      DNS: 7
      COMPRESSION_ENABLED: n
      CUSTOMIZE_ENC: n
      CLIENT: client
      PASS: 1
    when: openvpn_config_file.stat.exists == false
  - name: Fetch OpenVPN client file.
    fetch:
      src: /root/client.ovpn
      dest: .
      mode: 0774
  - name: Install Obfs4.
    apt: pkg=obfs4proxy state=present
  - name: Create Obfs4 config directories.
    file:
      path: /var/lib/tor/pt_state/obfs4
      state: directory
  - name: Copy Obfs4 config.
    copy:
      src: obfs4.config
      dest: /var/lib/tor/pt_state/obfs4/obfs4.config
  - name: Create a systemd service for Obfs4.
    copy:
      src: obfs4proxy.service
      dest: /etc/systemd/system/obfs4proxy.service
  - name: Enable the systemd service for Obfs4.
    systemd:
      name: obfs4proxy
      state: started
      enabled: yes
  - name: Fetch the Obfs4 certificate.
    fetch:
      src: /var/lib/tor/pt_state/obfs4/obfs4_bridgeline.txt
      dest: .
      mode: 0774
  - name: Install Firewall
    apt: pkg=ufw state=present
  - name: Firewall - Limit ssh/tcp
    ufw:
      rule: limit
      port: ssh
      proto: tcp
  - name: Firewall - Limit 443/tcp
    ufw:
      rule: limit
      port: 443
      proto: tcp
  - name: Firewall - Enable
    ufw:
      state: enabled
      logging: on
Add ansible playbook for obfs4-openvpn server 2019-04-11 23:54:22 +03:00			`- hosts: vpnservers`
			`gather_facts: yes`
			`become_user: root`
			`tasks:`
Improve openvpn+obfs4 recipe 2019-04-14 14:00:11 +03:00			`- name: Check OpenVPN installation.`
			`stat:`
			`path: /etc/openvpn/server.conf`
			`register: openvpn_config_file`
Add ansible playbook for obfs4-openvpn server 2019-04-11 23:54:22 +03:00			`- name: Download OpenVPN install script.`
			`get_url:`
			`url: https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh`
			`dest: /etc/openvpn-install.sh`
Improve openvpn+obfs4 recipe 2019-04-14 14:00:11 +03:00			`when: openvpn_config_file.stat.exists == false`
			`- name: Install OpenVPN.`
Add ansible playbook for obfs4-openvpn server 2019-04-11 23:54:22 +03:00			`command: bash /etc/openvpn-install.sh`
			`environment:`
			`APPROVE_INSTALL: y`
			`APPROVE_IP: y`
			`IPV6_SUPPORT: n`
			`PORT_CHOICE: 1`
			`PROTOCOL_CHOICE: 2`
			`DNS: 7`
			`COMPRESSION_ENABLED: n`
			`CUSTOMIZE_ENC: n`
			`CLIENT: client`
			`PASS: 1`
Improve openvpn+obfs4 recipe 2019-04-14 14:00:11 +03:00			`when: openvpn_config_file.stat.exists == false`
			`- name: Fetch OpenVPN client file.`
Add ansible playbook for obfs4-openvpn server 2019-04-11 23:54:22 +03:00			`fetch:`
			`src: /root/client.ovpn`
			`dest: .`
			`mode: 0774`
Improve openvpn+obfs4 recipe 2019-04-14 14:00:11 +03:00			`- name: Install Obfs4.`
Add ansible playbook for obfs4-openvpn server 2019-04-11 23:54:22 +03:00			`apt: pkg=obfs4proxy state=present`
Improve openvpn+obfs4 recipe 2019-04-14 14:00:11 +03:00			`- name: Create Obfs4 config directories.`
Add ansible playbook for obfs4-openvpn server 2019-04-11 23:54:22 +03:00			`file:`
			`path: /var/lib/tor/pt_state/obfs4`
			`state: directory`
Improve openvpn+obfs4 recipe 2019-04-14 14:00:11 +03:00			`- name: Copy Obfs4 config.`
Add ansible playbook for obfs4-openvpn server 2019-04-11 23:54:22 +03:00			`copy:`
			`src: obfs4.config`
			`dest: /var/lib/tor/pt_state/obfs4/obfs4.config`
Improve openvpn+obfs4 recipe 2019-04-14 14:00:11 +03:00			`- name: Create a systemd service for Obfs4.`
Add ansible playbook for obfs4-openvpn server 2019-04-11 23:54:22 +03:00			`copy:`
			`src: obfs4proxy.service`
			`dest: /etc/systemd/system/obfs4proxy.service`
Improve openvpn+obfs4 recipe 2019-04-14 14:00:11 +03:00			`- name: Enable the systemd service for Obfs4.`
Add ansible playbook for obfs4-openvpn server 2019-04-11 23:54:22 +03:00			`systemd:`
			`name: obfs4proxy`
			`state: started`
			`enabled: yes`
Improve openvpn+obfs4 recipe 2019-04-14 14:00:11 +03:00			`- name: Fetch the Obfs4 certificate.`
Add ansible playbook for obfs4-openvpn server 2019-04-11 23:54:22 +03:00			`fetch:`
			`src: /var/lib/tor/pt_state/obfs4/obfs4_bridgeline.txt`
			`dest: .`
			`mode: 0774`
Improve openvpn+obfs4 recipe 2019-04-14 14:00:11 +03:00			`- name: Install Firewall`
			`apt: pkg=ufw state=present`
			`- name: Firewall - Limit ssh/tcp`
			`ufw:`
			`rule: limit`
			`port: ssh`
			`proto: tcp`
			`- name: Firewall - Limit 443/tcp`
			`ufw:`
			`rule: limit`
			`port: 443`
			`proto: tcp`
			`- name: Firewall - Enable`
			`ufw:`
			`state: enabled`
			`logging: on`
Add ansible playbook for obfs4-openvpn server 2019-04-11 23:54:22 +03:00