refactor openvpn

.github/workflows/ansible-install.yml

@@ -12,21 +12,24 @@ jobs:
       - name: Check out the codebase.
         uses: actions/checkout@v2
 
+      # Taken here: https://community.openvpn.net/openvpn/wiki/OpenVPN3Linux
       - name: Install OpenVPN
         run: |
-          sudo apt-get update
-          sudo apt-get --assume-yes --no-install-recommends install openvpn3 apt-transport-https curl
-          sudo mkdir -p /etc/apt/keyrings && curl -fsSL https://packages.openvpn.net/packages-repo.gpg | sudo tee /etc/apt/keyrings/openvpn.asc
-          DISTRO=$(lsb_release -c | awk '{print $2}')
-          echo "deb [signed-by=/etc/apt/keyrings/openvpn.asc] https://packages.openvpn.net/openvpn3/debian $DISTRO main" | sudo tee /etc/apt/sources.list.d/openvpn-packages.list
-          sudo apt install openvpn3
+          export DISTRO=$(lsb_release --codename | cut -f2)
+          sudo apt-get install -y apt-transport-https curl
+          sudo mkdir -p /etc/apt/keyrings
+          sudo curl -sSfL https://packages.openvpn.net/packages-repo.gpg | sudo tee /etc/apt/keyrings/openvpn.asc
+          echo "deb [signed-by=/etc/apt/keyrings/openvpn.asc] https://packages.openvpn.net/openvpn3/debian $DISTRO main" | sudo tee -a /etc/apt/sources.list.d/openvpn3.list
+          sudo apt-get update -y && sudo apt-get install -y openvpn3
 
       - name: Setup VPN config
         run: |
           echo -n "${{ secrets.VPN_CONFIG }}" | base64 -d > config.ovpn
+          sudo openvpn3 config-import --config config.ovpn --name HOME_VPN
+          sudo openvpn3 config-manage --config HOME_VPN --allow-compression yes
 
       - name: Connect VPN
-        run: sudo openvpn3 session-start --dco true --config config.ovpn --background
+        run: sudo openvpn3 session-start --config HOME_VPN
 
       - name: Wait for a VPN connection
         timeout-minutes: 1
@@ -61,4 +64,4 @@ jobs:
   
       - name: Kill VPN connection
         if: always()
-        run: sudo killall openvpn3
+        run: sudo openvpn3 session-manage --config HOME_VPN --disconnect

.github/workflows/ansible-updates.yml

@@ -11,17 +11,24 @@ jobs:
       - name: Check out the codebase.
         uses: actions/checkout@v2
 
+      # Taken here: https://community.openvpn.net/openvpn/wiki/OpenVPN3Linux
       - name: Install OpenVPN
         run: |
-          sudo apt-get update
-          sudo apt-get --assume-yes --no-install-recommends install openvpn3
+          export DISTRO=$(lsb_release --codename | cut -f2)
+          sudo apt-get install -y apt-transport-https curl
+          sudo mkdir -p /etc/apt/keyrings
+          sudo curl -sSfL https://packages.openvpn.net/packages-repo.gpg | sudo tee /etc/apt/keyrings/openvpn.asc
+          echo "deb [signed-by=/etc/apt/keyrings/openvpn.asc] https://packages.openvpn.net/openvpn3/debian $DISTRO main" | sudo tee -a /etc/apt/sources.list.d/openvpn3.list
+          sudo apt-get update -y && sudo apt-get install -y openvpn3
 
       - name: Setup VPN config
         run: |
-          echo "${{ secrets.VPN_CONFIG }}" > config.ovpn
+          echo -n "${{ secrets.VPN_CONFIG }}" | base64 -d > config.ovpn
+          sudo openvpn3 config-import --config config.ovpn --name HOME_VPN
+          sudo openvpn3 config-manage --config HOME_VPN --allow-compression yes
 
       - name: Connect VPN
-        run: sudo openvpn3 session-start --dco true --config config.ovpn --background
+        run: sudo openvpn3 session-start --config HOME_VPN
 
       - name: Wait for a VPN connection
         timeout-minutes: 1
@@ -56,4 +63,4 @@ jobs:
   
       - name: Kill VPN connection
         if: always()
-        run: sudo killall openvpn
+        run: sudo openvpn3 session-manage --config HOME_VPN --disconnect

inventory/cluster/group_vars/all.yml

@@ -4,7 +4,7 @@ ansible_user: charles
 k3s_state: installed # 'uninstalled' to uninstall k3s
 k3s_pods_cidr: 10.42.0.0/16
 k3s_github_url: https://github.com/k3s-io/k3s
-k3s_release_version: v1.30.2+k3s1
+k3s_release_version: v1.31.3+k3s1
 k3s_become: true
 
 # Use etcd as an embedded datastore.