@xandout
Last active August 13, 2019 17:17
OpenVPN Server Deployment via Ansible
ansible_host: prod-vpn.yourfqdn.com # How Ansible will reach the Linux server for configuration
ansible_user: ubuntu # Which Linux user will Ansible use?
server_fqdn: "{{ ansible_host }}" # How your clients connect to the VPN server

all:
  hosts:
    prod-vpn-server:
prod:
  hosts:
    prod-vpn-server:
vpn_servers:
  children:
    prod:
---
- hosts: vpn_servers
  vars:
    upgrade_packages: true
    openvpn_client_register_dns: false # set to true for Windows clients
    openvpn_push:
      # Add private subnets here
      - route 10.1.0.0 255.255.0.0
    openvpn_server_network: 10.8.0.0
    clients:
      # Build client configs and save them to $PWD/remote_files/vpn/configs/$CLIENT/inventory_hostname
      - joedoe
      - janedoe
    openvpn_fetch_config_dir: ./remote_files/vpn/configs
  tasks:
    - name: Get my public IP
      ipify_facts:
      register: public_ip
    - name: Import openvpn role with public ip known
      import_role:
        name: kyl191.openvpn
      vars:
        # Set the `remote` in the client configs to either server_fqdn or the host's public IP as reported by ipify
        openvpn_server_hostname: "{{ server_fqdn | default(public_ip.ansible_facts.ipify_public_ip) }}"
        # Split Tunnel
        openvpn_redirect_gateway: false
      become: true