feat(staticclients): support dual IPv6 / stack stack clients

haslersn · haslersn · commit a956e9e47832 · 2025-03-12T16:22:00.000+01:00
diff --git a/README.md b/README.md
@@ -52,12 +52,12 @@ This role requires an apt based system.
 
 A client object is a dictionary that can contain the following keys.
 
-| Key          | Mandatory?               | Description                                                            |
-| ------------ | ------------------------ | ---------------------------------------------------------------------- |
-| `name`       | :heavy_check_mark:       | Name of the client. Has to be unique.                                  |
-| `ip_address` | :heavy_multiplication_x: | IP address given to the client via `ifconfig-push`                     |
-| `netmask`    | :heavy_multiplication_x: | Netmask of that IP address                                             |
-| `push`       | :heavy_multiplication_x: | Miscellaneous strings to be used with the `push` command to the client |
+| Key    | Mandatory?               | Description                                                            |
+| ------ | ------------------------ | ---------------------------------------------------------------------- |
+| `name` | :heavy_check_mark:       | Name of the client. Has to be unique.                                  |
+| `ipv4` | :heavy_multiplication_x: | IPv4 address given to the client via `ifconfig-push`                   |
+| `ipv6` | :heavy_multiplication_x: | IPv6 address given to the client via `ifconfig-ipv6-push`              |
+| `push` | :heavy_multiplication_x: | Miscellaneous strings to be used with the `push` command to the client |
 
 ### LDAP
 
diff --git a/tasks/client_config_dir.yml b/tasks/client_config_dir.yml
@@ -3,4 +3,3 @@
     src: staticclient.j2
     dest: "{{ openvpn_base_dir }}/staticclients/OpenVPN-Client-{{ openvpn_server_hostname[:24] }}-{{ item.name[:24] }}"
     mode: 644
-  when: item.ip_address is defined
diff --git a/templates/staticclient.j2 b/templates/staticclient.j2
@@ -1,4 +1,9 @@
-ifconfig-push {{ item.ip_address }} {{ item.netmask }}
+{% if item.ipv4 is defined %}
+ifconfig-push {{ item.ipv4 }} {{ openvpn_tunnel_subnetv4 | ansible.utils.ipaddr('netmask') }}
+{% endif %}
+{% if item.ipv6 is defined %}
+ifconfig-ipv6-push {{ item.ipv6 }}/{{ openvpn_tunnel_subnetv6 | ansible.utils.ipaddr('prefix') }} {{ openvpn_tunnel_subnetv6 | ansible.utils.nthhost(2) }}
+{% endif %}
 {% for push_option in item.push | default(openvpn_default_client_push) %}
 push "{{ push_option }}"
 {% endfor %}
