Openvpn client fqdn pr 2.x (#1506)

gregharvey · web-flow · commit dd414608eada · 2024-03-12T17:30:19.000+01:00
* Supporting a fixed PHP version with a fixed port number.

* Accidently re-added the old VPN role - re-deleting!

* Handling allowing client config template for ovpn to have an FQDN.

* Let's not assume port 1194 for ovpn.

* Tweaking FQDN handling in ovpn.
diff --git a/docs/roles/debian/openvpn.md b/docs/roles/debian/openvpn.md
@@ -20,7 +20,7 @@ At the moment we do not support headless customisation of encryption settings. T
 ---
 openvpn:
   script_install_path: "/home/{{ user_provision.username }}"
-  fqdn: "" # fully qualified domain name of VPN server for use in client config, uses IP address if empty
+  fqdn: "" # fully qualified domain name of VPN server for use in client config, uses IP address if empty - only works with port_choice: "1"
   auto_install: true
   # post install server config tweaks
   ipv4_settings: "" # defaults to `10.8.0.0 255.255.255.0` - example, to use 192.168.140.0/24 set "192.168.140.0 255.255.255.0"
diff --git a/roles/debian/openvpn/README.md b/roles/debian/openvpn/README.md
@@ -20,7 +20,7 @@ At the moment we do not support headless customisation of encryption settings. T
 ---
 openvpn:
   script_install_path: "/home/{{ user_provision.username }}"
-  fqdn: "" # fully qualified domain name of VPN server for use in client config, uses IP address if empty
+  fqdn: "" # fully qualified domain name of VPN server for use in client config, uses IP address if empty - only works with port_choice: "1"
   auto_install: true
   # post install server config tweaks
   ipv4_settings: "" # defaults to `10.8.0.0 255.255.255.0` - example, to use 192.168.140.0/24 set "192.168.140.0 255.255.255.0"
diff --git a/roles/debian/openvpn/defaults/main.yml b/roles/debian/openvpn/defaults/main.yml
@@ -1,7 +1,7 @@
 ---
 openvpn:
   script_install_path: "/home/{{ user_provision.username }}"
-  fqdn: "" # fully qualified domain name of VPN server for use in client config, uses IP address if empty
+  fqdn: "" # fully qualified domain name of VPN server for use in client config, uses IP address if empty - only works with port_choice: "1"
   auto_install: true
   # post install server config tweaks
   ipv4_settings: "" # defaults to `10.8.0.0 255.255.255.0` - example, to use 192.168.140.0/24 set "192.168.140.0 255.255.255.0"
diff --git a/roles/debian/openvpn/tasks/main.yml b/roles/debian/openvpn/tasks/main.yml
@@ -168,11 +168,12 @@
     mode: '0644'
   when: openvpn.tls_cipher | length > 0
 
+# Only works when openvpn.port_choice == '1' because otherwise port will not be 1194 and regexp will not match
 - name: Use FQDN as OpenVPN server remote in client config.
   ansible.builtin.lineinfile:
     path: /etc/openvpn/client-template.txt
-    regexp: '^remote (.*)'
-    line: "remote {{ openvpn.fqdn }}"
+    regexp: '^remote (.*) 1194'
+    line: "remote {{ openvpn.fqdn }} 1194"
     owner: root
     group: root
     mode: '0644'
