From 4323f485855bbe727883ca9e59702037c7bfef71 Mon Sep 17 00:00:00 2001
From: Adrien
Date: Sat, 19 Dec 2020 12:30:05 +0100
Subject: [PATCH 1/2] Add script to fix config
---
 init_vpn_conf.sh | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 init_vpn_conf.sh
diff --git a/init_vpn_conf.sh b/init_vpn_conf.sh
new file mode 100644
index 0000000..39dd50e
--- /dev/null
+++ b/init_vpn_conf.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+nmcli con add type bridge con-name ovpn ifname ovpn ip4 172.16.100.1/24 connection.zone internal
+nmcli connection up ovpn
From 0a2c629ec135a7673c36e6249538b273ee887905 Mon Sep 17 00:00:00 2001
From: Adrien Reslinger
Date: Thu, 31 Dec 2020 01:04:29 +0100
Subject: [PATCH 2/2] It work on EL8
---
 init_vpn_conf.sh | 3 ---
 tasks/main.yml | 25 +++++++++++++------------
 2 files changed, 13 insertions(+), 15 deletions(-)
 delete mode 100644 init_vpn_conf.sh
diff --git a/init_vpn_conf.sh b/init_vpn_conf.sh
deleted file mode 100644
index 39dd50e..0000000
--- a/init_vpn_conf.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/usr/bin/env bash
-nmcli con add type bridge con-name ovpn ifname ovpn ip4 172.16.100.1/24 connection.zone internal
-nmcli connection up ovpn
diff --git a/tasks/main.yml b/tasks/main.yml
index 60d7e73..8a6eaeb 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -16,6 +16,17 @@
 when:
 - openvpn_bridge_type == "ovs"
+# Does I need to run it 2 times ? Interface need to bee up when it run ?
+ - name: set bridge interface firewalld zone
+ ansible.posix.firewalld:
+ permanent: yes
+ zone: internal
+ interface: '{{ openvpn_bridge }}'
+ state: enabled
+ immediate: yes
+ when:
+ - openvpn_bridge_type == "bridge"
+
 # - openvswitch_bridge:
 # bridge: "{{ openvpn_bridge }}"
 # parent: "{{ openvpn_bridgemaster }}"
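Review bot: The firewalld zone for the VPN bridge is now set before the `community.general.nmcli` task in the next hunk creates `{{ openvpn_bridge }}`, and the added comment itself asks whether the task has to run twice, so nothing here confirms that the `internal` binding is in effect once the bridge is up. If it is not (for instance if NetworkManager re-assigns the zone from the connection profile when the interface comes up, which is inferred and not visible in this diff), the bridge ends up in firewalld's default zone and VPN traffic is filtered by a policy nobody chose. The script this commit deletes set `connection.zone internal` on the profile itself; the equivalent is adding `zone: internal` to the nmcli task and keeping this firewalld task only if it is confirmed necessary. Replace the open question with a comment stating the verified ordering requirement, e.g. `# zone must be bound before the bridge is activated (verified on EL8)`. For style, write `permanent: true` / `immediate: true` rather than `yes`, as the `Open Firewalld` task already does.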
@@ -24,25 +35,15 @@
 # when:
 # - openvpn_bridge_type == "ovs"
-# Doesn't work !!
 - name: try nmcli add bridge - conn_name only & ip4 gw4 mode
 community.general.nmcli:
 type: bridge
 conn_name: '{{ openvpn_bridge }}'
 ifname: '{{ openvpn_bridge }}'
- ip4: '{{ openvpn_bridge_ip }}/24'
+ ip4: '{{ openvpn_bridge_ip }}'
 state: present
 when:
 - openvpn_bridge_type == "bridge"
- - name: set bridge interface firewalld zone
- ansible.posix.firewalld:
- permanent: yes
- zone: internal
- interface: '{{ openvpn_bridge }}'
- state: enabled
- immediate: yes
- when:
- - openvpn_bridge_type == "bridge"
 - name: Make server config directory
 file:
@@ -132,7 +133,7 @@
 when: result is changed
 - name: Open Firewalld
- firewalld:
+ ansible.posix.firewalld:
 service: openvpn-{{ openvpn_vpn_name | regex_replace('\.','_') }}
 permanent: true
 state: enabled
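Review bot: Dropping the hard-coded `/24` from `ip4` means `openvpn_bridge_ip` must now carry its own prefix length, and nothing in this hunk checks or documents that. The variable's definition is outside the diff; if an inventory still sets a bare address, the bridge would come up with whatever prefix NetworkManager assumes rather than the intended subnet, which changes which hosts the VPN bridge treats as on-link. Consider a guard ahead of the nmcli task, such as an `ansible.builtin.assert` with `that: openvpn_bridge_ip is search('/')`, and a comment beside the variable's default like `# CIDR notation required, e.g. 192.0.2.1/24 (constructed example)`.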