[Swan-dev] [Swan-announce] VPN System Role support for libreswan released

The Libreswan Team team at libreswan.org
Tue Feb 23 18:00:05 UTC 2021

Libreswan based VPN System Role available

The Linux System Roles are a set of Ansible Roles, also available as
an Ansible Collection, used to manage and configure common GNU/Linux
operating system components. Conceptually, the intent is to provide
for the operating system components an automation “API” that is
consistent across multiple major and minor releases.


There is now a new VPN System Role that uses libreswan written by Mary
Provencher that can be used to configure host-to-host, net-to-net and
mesh (opportunistic) VPNs using an ansible inventory of hosts.

Such an inventory for the basic host-to-host cases could look like:

     bastion1.example.com: {...}
     bastion2.example.com: {...}
     bastion3.example.com: {...}
       - hosts:

The role will set up a vpn tunnel between each pair of hosts in the list
of vpn_connections, using the default parameters, including generating
keys as needed. This role assumes that the names of the hosts under hosts
are the same as the names of the hosts used in the Ansible inventory,
and that you can use those names to configure the tunnels (i.e. they
are real FQDNs that resolve correctly).

For more information see https://github.com/linux-system-roles/vpn

Swan-announce mailing list
Swan-announce at lists.libreswan.org

More information about the Swan-dev mailing list