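---
# Validation Playbook - Test Configuration Before Deployment
#
# Pre-flight checks for every host matched by `vpn_servers`: connectivity,
# the management allow-list, the WireGuard variables, and the ValleyForge
# placeholder address. Every task is ping, assert or debug.
#
# Not checked here: overly broad allow-list entries (for example 0.0.0.0/0)
# and overlapping VPN CIDR ranges.

- name: Validate Configuration
  hosts: vpn_servers
  # Canonical boolean; no task below reads gathered facts.
  gather_facts: false

  tasks:
    - name: Test connectivity
      ansible.builtin.ping:

    - name: Validate management_allowed_sources is defined
      ansible.builtin.assert:
        that:
          - management_allowed_sources is defined
          # A bare string would pass the length check, but the later
          # join() and placeholder test expect a list.
          - management_allowed_sources is not string
          - management_allowed_sources | length > 0
        fail_msg: "ERROR: management_allowed_sources must be defined in group_vars!"
        success_msg: "✓ management_allowed_sources is configured"

    # Fail with a clear message instead of an undefined-variable error in
    # the tasks below that print or compare these values.
    - name: Validate WireGuard variables are defined
      ansible.builtin.assert:
        that:
          - wg_network is defined
          - wg_server_ip is defined
          - wg_peers is defined
        fail_msg: "ERROR: wg_network, wg_server_ip and wg_peers must be defined for this host!"
        success_msg: "✓ WireGuard variables are defined"

    # Exact-match comparison across the hosts still active in this play.
    # A run narrowed with --limit only sees the selected hosts.
    - name: Validate VPN network is unique per host
      ansible.builtin.assert:
        that:
          - >-
            ansible_play_hosts
            | map('extract', hostvars, 'wg_network')
            | select('equalto', wg_network)
            | list | length == 1
        fail_msg: "ERROR: VPN network {{ wg_network }} is assigned to more than one host!"
        success_msg: "{{ inventory_hostname }}: VPN network {{ wg_network }}, Server IP {{ wg_server_ip }}"

    # Runs only while the placeholder address is still in the allow-list.
    # The condition matches it inside any entry, so CIDR forms count too.
    # NOTE(review): a pass means valleyforge_public_ip was changed, but
    # the placeholder entry itself is still in management_allowed_sources;
    # confirm it is replaced before firewall rules are generated.
    - name: Validate ValleyForge IP is set
      ansible.builtin.assert:
        that:
          - valleyforge_public_ip is defined
          - valleyforge_public_ip != "185.112.147.205"  # Default placeholder
        fail_msg: "ERROR: Please set valleyforge_public_ip to your actual ValleyForge IP!"
        # default() keeps this message renderable when the variable is
        # missing, so the assertion reports fail_msg rather than a
        # templating error.
        success_msg: "✓ ValleyForge IP is configured: {{ valleyforge_public_ip | default('') }}"
      when: "'185.112.147.205' in (management_allowed_sources | map('string') | join(' '))"

    - name: Display configuration summary
      ansible.builtin.debug:
        msg:
          - "Host: {{ inventory_hostname }}"
          - "VPN Network: {{ wg_network }}"
          - "Management allowed from: {{ management_allowed_sources | join(', ') }}"
          - "Users configured: {{ wg_peers | length }}"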