You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Lyz 36043934f4
Updated readme
1 month ago
defaults Updated readme 1 month ago
meta First version 1 month ago
molecule Change vpn mark to 1 1 month ago
tasks Change vpn mark to 1 1 month ago
templates First version 1 month ago
.gitignore added gitignore 1 month ago
.yamllint First version 1 month ago Updated history 1 month ago Updated readme 1 month ago


Role to configure openvpn with DNS and IP leak protection

Performs the next actions:

  • Install the necessary packages
  • Deploy the configurations
  • Create unprivileged vpn user.
  • Set vpn dns and make it immutable

If you want to use the killswitch you’ll have to use the iptables role.


  • Introduce a compressed file with the configuration files under files/

Role Variables

  • openvpn_as_service: Decide if you want a startup service that starts the vpn. Beware it needs to store the user credentials as a plaintext file (Default: false).
  • openvpn_user: User
  • openvpn_password: Password
  • openvpn_config_name: If the service is enabled, specify which configuration to load (don’t add the .ovpn part).
  • openvpn_dns_servers: Your vpn provider DNS servers (Default: [])



Example playbook

- hosts: all
    - openvpn


To test the role you need molecule.

molecule test

There is a molecule scenario for the case of the service enabled but it only works if you set up a valid openvpn configuration, which I’m not going to push to this repository :P.



Author Information

Lyz (