terraform-strongswan-deploy.../cloud-init.yaml

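#cloud-config
# Terraform-templated cloud-init user-data: installs strongSwan and brings up
# one IKEv2 site-to-site tunnel ("net-net") authenticated with a pre-shared
# key. ${local_ip}, ${local_subnet}, ${remote_ip}, ${remote_subnet} and ${psk}
# are substituted before cloud-init parses this file.
#
# NOTE(review): the rendered user-data carries the PSK in clear text. Treat the
# rendered document, and any Terraform state that stores it, as secret
# material; on many platforms user-data can be read back from the instance
# metadata service by local processes. Confirm for the target platform.
package_update: true
packages:
  - strongswan
  - iptables

write_files:
  # Tunnel definition. charondebug level 2 is verbose; avoid raising it on a
  # production gateway, because the highest strongSwan log levels include
  # sensitive material in dumps.
  #
  # NOTE(review): ike=aes256-sha1-modp1024! pins the IKE proposal to SHA-1 and
  # a 1024-bit MODP group, and the trailing "!" makes the proposal strict, so
  # no stronger alternative can be negotiated. esp=aes256-sha1! likewise pins
  # SHA-1 and names no DH group for CHILD_SA rekeying. Both are left unchanged
  # here because the remote peer must offer the same proposals; agree a
  # stronger suite with the peer (for example a SHA-256 integrity algorithm
  # with a 2048-bit or larger MODP group, or an ECP group) and update both
  # ends together.
  - path: /etc/ipsec.conf
    content: |
      config setup
        charondebug="ike 2, knl 2, cfg 2, net 2, esp 2, dmn 2, mgr 2"
      conn net-net
        auto=start
        keyexchange=ikev2
        authby=psk
        left=%any
        leftid=${local_ip}
        leftsubnet=${local_subnet}
        right=${remote_ip}
        rightsubnet=${remote_subnet}
        ike=aes256-sha1-modp1024!
        esp=aes256-sha1!
        dpdaction=restart
        dpddelay=30s
        dpdtimeout=120s
  # The secrets file holds the PSK. cloud-init writes files with mode 0644
  # unless told otherwise, which would leave the key readable by every local
  # user, so restrict it to root explicitly.
  #
  # NOTE(review): ${psk} is placed inside double quotes verbatim; a value
  # containing a double quote or a newline would corrupt this line. Validate
  # the variable on the Terraform side.
  - path: /etc/ipsec.secrets
    owner: root:root
    permissions: '0600'
    content: |
      ${local_ip} ${remote_ip} : PSK "${psk}"

runcmd:
  # Enables IPv4 forwarding for the running kernel only; the setting is not
  # written to a sysctl configuration file, so it does not survive a reboot
  # (cloud-init runs runcmd on first boot only by default).
  - sysctl -w net.ipv4.ip_forward=1
  - systemctl enable --now strongswan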