PLAY [Ensure that the role runs with default parameters] *********************** TASK [Gathering Facts] ********************************************************* [DEPRECATION WARNING]: Distribution fedora 32 on host west should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior Ansible releases. A future Ansible release will default to using the discovered platform python for this host. See https://docs.ansible.com/ansible/ 2.9/reference_appendices/interpreter_discovery.html for more information. This feature will be removed in version 2.12. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. ok: [west] [DEPRECATION WARNING]: Distribution fedora 32 on host east should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior Ansible releases. A future Ansible release will default to using the discovered platform python for this host. See https://docs.ansible.com/ansible/ 2.9/reference_appendices/interpreter_discovery.html for more information. This feature will be removed in version 2.12. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. ok: [east] TASK [linux-system-roles.vpn : set platform/version specific variables] ******** included: /testing/linux-system-roles.vpn/tasks/set_vars.yml for west, east TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** skipping: [west] => (item=RedHat.yml) skipping: [east] => (item=RedHat.yml) ok: [west] => (item=Fedora.yml) skipping: [west] => (item=Fedora_32.yml) skipping: [west] => (item=Fedora_32.yml) ok: [east] => (item=Fedora.yml) skipping: [east] => (item=Fedora_32.yml) skipping: [east] => (item=Fedora_32.yml) TASK [linux-system-roles.vpn : Enforce default auth method as needed] ********** ok: [west] TASK [linux-system-roles.vpn : Make sure that the hosts list is not empty] ***** skipping: [west] TASK [linux-system-roles.vpn : Ensure cert_names are populated when auth_method is cert] *** skipping: [west] TASK [linux-system-roles.vpn : generate psks] ********************************** ok: [west] TASK [linux-system-roles.vpn : set psks for hosts] ***************************** ok: [west] ok: [east] TASK [linux-system-roles.vpn : create ipsec.conf files] ************************ TASK [linux-system-roles.vpn : check if secrets file already exists] *********** TASK [linux-system-roles.vpn : create ipsec.secrets files] ********************* TASK [linux-system-roles.vpn : build opportunistic configuration] ************** included: /testing/linux-system-roles.vpn/tasks/mesh_conf.yml for west, east TASK [linux-system-roles.vpn : Set current IP fact for each host] ************** ok: [west] ok: [east] TASK [linux-system-roles.vpn : Set IP with prefix register] ******************** ok: [east] ok: [west] TASK [linux-system-roles.vpn : Set net CIDR fact] ****************************** ok: [west] ok: [east] TASK [linux-system-roles.vpn : Set policies fact] ****************************** ok: [west] ok: [east] TASK [linux-system-roles.vpn : Apply the default policy as needed] ************* ok: [west] TASK [linux-system-roles.vpn : Write tunnel policies for each network] ********* changed: [west] => (item={'policy': 'private-or-clear', 'cidr': '192.1.2.0/24'}) changed: [east] => (item={'policy': 'private-or-clear', 'cidr': '192.1.2.0/24'}) changed: [east] => (item={'policy': 'clear', 'cidr': '192.1.2.254/32'}) changed: [west] => (item={'policy': 'clear', 'cidr': '192.1.2.254/32'}) changed: [west] => (item={'policy': 'private', 'cidr': '10.1.0.0/24'}) changed: [east] => (item={'policy': 'private', 'cidr': '10.1.0.0/24'}) TASK [linux-system-roles.vpn : Deploy opportunistic configuration to each node] *** changed: [west] changed: [east] RUNNING HANDLER [linux-system-roles.vpn : restart vpn service and wait for ssh conn to return] *** included: /testing/linux-system-roles.vpn/tasks/enable_restart_vpn.yml for west, east RUNNING HANDLER [linux-system-roles.vpn : enable and restart vpn services] ***** changed: [west] => (item=ipsec) changed: [east] => (item=ipsec) RUNNING HANDLER [linux-system-roles.vpn : Wait for ssh connection to return] *** ok: [west] ok: [east] RUNNING HANDLER [linux-system-roles.vpn : send pings to initialize mesh connections] *** skipping: [west] => (item=west) changed: [east] => (item=west) changed: [west] => (item=east) skipping: [east] => (item=east) PLAY RECAP ********************************************************************* east : ok=15 changed=4 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0 west : ok=18 changed=4 unreachable=0 failed=0 skipped=5 rescued=0 ignored=0