Initial support for Ubuntu 20.04 (trailofbits#1770)

roles/strongswan/defaults/main.yml

@@ -3,6 +3,7 @@ ipsec_config_path: "configs/{{ IP_subject_alt_name }}/ipsec/"
 ipsec_pki_path: "{{ ipsec_config_path }}/.pki/"
 strongswan_shell: /usr/sbin/nologin
 strongswan_home: /var/lib/strongswan
+strongswan_service: "{{ 'strongswan-starter' if ansible_distribution_major_version|int > 19 else 'strongswan' }}"
 BetweenClients_DROP: true
 algo_ondemand_cellular: false
 algo_ondemand_wifi: false

roles/strongswan/handlers/main.yml

@@ -1,5 +1,5 @@
 - name: restart strongswan
-  service: name=strongswan state=restarted
+  service: name={{ strongswan_service }} state=restarted
 
 - name: daemon-reload
   systemd: daemon_reload=true

roles/strongswan/tasks/main.yml

@@ -24,7 +24,7 @@
 
 - name: strongSwan started
   service:
-    name: strongswan
+    name: "{{ strongswan_service }}"
     state: started
     enabled: true
 

roles/strongswan/tasks/ubuntu.yml

@@ -35,12 +35,12 @@
   service: name={{ item }} enabled=yes
   with_items:
     - apparmor
-    - strongswan
+    - "{{ strongswan_service }}"
     - netfilter-persistent
 
 - name: Ubuntu | Ensure that the strongswan service directory exists
   file:
-    path: /etc/systemd/system/strongswan.service.d/
+    path: /etc/systemd/system/{{ strongswan_service }}.service.d/
     state: directory
     mode: 0755
     owner: root
@@ -49,7 +49,7 @@
 - name: Ubuntu | Setup the cgroup limitations for the ipsec daemon
   template:
     src: 100-CustomLimitations.conf.j2
-    dest: /etc/systemd/system/strongswan.service.d/100-CustomLimitations.conf
+    dest: /etc/systemd/system/{{ strongswan_service }}.service.d/100-CustomLimitations.conf
   notify:
     - daemon-reload
     - restart strongswan