openvpn: Run OpenVPN with the \_openvpn user and group instead of nobody which is originally for NFS

unstable
Jérémy Dubois 3 weeks ago
parent 7e979132f7
commit c3be57410d
  1. 1
      CHANGELOG.md
  2. 8
      openvpn/tasks/debian.yml
  3. 4
      openvpn/templates/server.conf.j2

@ -26,6 +26,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
* openvpn: automate the initialization of the CA and the creation of the server certificate ; use openssl_dhparam module instead of a command
* nagios-nrpe: Add check_domains
* generate-ldif: support any version of MariaDB (instead of only 10.0, 10.1 and 10.3)
* openvpn: Run OpenVPN with the \_openvpn user and group instead of nobody which is originally for NFS
### Fixed

@ -12,6 +12,14 @@
- client
- server
- name: Create the _openvpn user
user:
name: _openvpn
system: yes
create_home: no
home: "/nonexistent"
shell: "/usr/sbin/nologin"
- name: Create the shellpki user
user:
name: shellpki

@ -1,5 +1,5 @@
user nobody
group nogroup
user _openvpn
group _openvpn
local {{ ansible_default_ipv4.address }}
port 1194

Loading…
Cancel
Save