refactor openvpn #90
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Ansible Installation | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the codebase. | |
uses: actions/checkout@v2 | |
# Taken here: https://community.openvpn.net/openvpn/wiki/OpenVPN3Linux | |
- name: Install OpenVPN | |
run: | | |
export DISTRO=$(lsb_release --codename | cut -f2) | |
sudo apt-get install -y apt-transport-https curl | |
sudo mkdir -p /etc/apt/keyrings | |
sudo curl -sSfL https://packages.openvpn.net/packages-repo.gpg | sudo tee /etc/apt/keyrings/openvpn.asc | |
echo "deb [signed-by=/etc/apt/keyrings/openvpn.asc] https://packages.openvpn.net/openvpn3/debian $DISTRO main" | sudo tee -a /etc/apt/sources.list.d/openvpn3.list | |
sudo apt-get update -y && sudo apt-get install -y openvpn3 | |
- name: Setup VPN config | |
run: | | |
echo -n "${{ secrets.VPN_CONFIG }}" | base64 -d > config.ovpn | |
sudo openvpn3 config-import --config config.ovpn --name HOME_VPN | |
sudo openvpn3 config-manage --config HOME_VPN --allow-compression yes | |
- name: Connect VPN | |
run: sudo openvpn3 session-start --config HOME_VPN | |
- name: Wait for a VPN connection | |
timeout-minutes: 1 | |
run: until ping -c1 192.168.0.2; do sleep 2; done | |
- name: Ping local servers (test) | |
run: | | |
ping 192.168.0.2 -c5 | |
ping 192.168.0.3 -c5 | |
ping 192.168.0.4 -c5 | |
ping 192.168.0.5 -c5 | |
ping 192.168.0.6 -c5 | |
ping 192.168.0.7 -c5 | |
ping 192.168.0.8 -c5 | |
ping 192.168.0.9 -c5 | |
ping 192.168.0.10 -c5 | |
- name: Run playbook | |
uses: dawidd6/action-ansible-playbook@v2 | |
with: | |
# Required, playbook filepath | |
playbook: install.yml | |
# Directory where playbooks live | |
directory: playbooks/ | |
# SSH private key | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
# Additional flags to pass to ansible-playbook | |
options: | | |
--inventory inventory/cluster/hosts.ini | |
--extra-vars ansible_sudo_pass=${{ secrets.PASSWORD }} | |
--verbose | |
- name: Kill VPN connection | |
if: always() | |
run: sudo openvpn3 session-manage --config HOME_VPN --disconnect |