diff --git a/config.cfg b/config.cfg index 27cb29d6a..6d579b71e 100644 --- a/config.cfg +++ b/config.cfg @@ -206,7 +206,7 @@ cloud_providers: image: Ubuntu 22.04 Jammy Jellyfish arch: x86_64 hetzner: - server_type: cx11 + server_type: cx22 image: ubuntu-22.04 openstack: flavor_ram: ">=512" diff --git a/docs/deploy-from-cloudshell.md b/docs/deploy-from-cloudshell.md index 2e75e910e..f0f0fed41 100644 --- a/docs/deploy-from-cloudshell.md +++ b/docs/deploy-from-cloudshell.md @@ -1,5 +1,4 @@ # Deploy from Google Cloud Shell -**IMPORTANT NOTE: As of 2021-12-14 Algo requires Python 3.8, but Google Cloud Shell only provides Python 3.7.3. The instructions below will not work until Google updates Cloud Shell to have at least Python 3.8.** If you want to try Algo but don't wish to install the software on your own system you can use the **free** [Google Cloud Shell](https://cloud.google.com/shell/) to deploy a VPN to any supported cloud provider. Note that you cannot choose `Install to existing Ubuntu server` to turn Google Cloud Shell into your VPN server. diff --git a/roles/cloud-vultr/tasks/prompts.yml b/roles/cloud-vultr/tasks/prompts.yml index 7813b0f5b..51e2ddd61 100644 --- a/roles/cloud-vultr/tasks/prompts.yml +++ b/roles/cloud-vultr/tasks/prompts.yml @@ -54,5 +54,5 @@ set_fact: algo_vultr_region: >- {% if region is defined %}{{ region }} - {%- elif _algo_region.user_input %}{{ vultr_regions[_algo_region.user_input | int -1 ]['name'] | lower }} + {%- elif _algo_region.user_input %}{{ vultr_regions[_algo_region.user_input | int -1 ]['regioncode'] | lower }} {%- else %}{{ vultr_regions[default_region | int - 1]['regioncode'] | lower }}{% endif %} diff --git a/roles/strongswan/tasks/openssl.yml b/roles/strongswan/tasks/openssl.yml index f51ac9dd0..f51a74dc3 100644 --- a/roles/strongswan/tasks/openssl.yml +++ b/roles/strongswan/tasks/openssl.yml @@ -155,10 +155,25 @@ format: OpenSSH with_items: "{{ users }}" + - name: Get OpenSSL version + shell: | + set -o pipefail + {{ openssl_bin }} version | + cut -f 2 -d ' ' + args: + executable: bash + register: ssl_version + run_once: true + + - name: Set OpenSSL version fact + set_fact: + openssl_version: "{{ ssl_version.stdout }}" + - name: Build the client's p12 shell: > umask 077; {{ openssl_bin }} pkcs12 + {{ (openssl_version is version('3', '>=')) | ternary('-legacy', '') }} -in certs/{{ item }}.crt -inkey private/{{ item }}.key -export @@ -175,6 +190,7 @@ shell: > umask 077; {{ openssl_bin }} pkcs12 + {{ (openssl_version is version('3', '>=')) | ternary('-legacy', '') }} -in certs/{{ item }}.crt -inkey private/{{ item }}.key -export diff --git a/users.yml b/users.yml index e9e8c0868..77c81a90b 100644 --- a/users.yml +++ b/users.yml @@ -25,18 +25,17 @@ set_fact: server_list: >- [{% for i in _configs_list.files %} - {% set config = lookup('file', i.path)|from_yaml %} - '{{ config.server }}' - {{ ',' if not loop.last else '' }} + {% set config = lookup('file', i.path) | from_yaml %} + {{ {'server': config.server, 'IP_subject_alt_name': config.IP_subject_alt_name} }} {% endfor %}] - name: Server address prompt pause: prompt: | - Select the server to update user list below: + Select the server to update user list below: {% for r in server_list %} - {{ loop.index }}. {{ r }} - {% endfor %} + {{ loop.index }}. {{ r.server }} ({{ r.IP_subject_alt_name }}) + {% endfor %} register: _server when: server is undefined @@ -45,7 +44,7 @@ set_fact: algo_server: >- {% if server is defined %}{{ server }} - {%- elif _server.user_input %}{{ server_list[_server.user_input | int -1 ] }} + {%- elif _server.user_input %}{{ server_list[_server.user_input | int -1 ].server }} {%- else %}omit{% endif %} - name: Import host specific variables