--- - name: "Install openvpn-server via apt" apt: update_cache: yes state: present name: - openvpn-server - name : "Enable ipv4 forwarding via sysctl" ansible.posix.sysctl: name: net.ipv4.ip_forward value: '1' sysctl_set: yes state: present reload: yes - name: Enable and restart openvpn daemon service: name: openvpn state: restarted enabled: yes - name: Check if AllowUsers is defined lineinfile: state: absent path: /etc/ufw/before.rules regexp: "^# START OPENVPN" check_mode: true changed_when: false register: checkufwrules - name: Insert openvpn iptables rules blockinfile: path: /etc/ufw/before.rules block: | # START OPENVPN RULES # NAT table rules *nat :POSTROUTING ACCEPT [0:0] # Allow traffic from OpenVPN client to everywhere -A POSTROUTING -s 192.168.37.0/24 -o eth0 -j MASQUERADE -A POSTROUTING -s 192.168.37.0/24 -o eth2 -j MASQUERADE COMMIT # END OPENVPN RULES - name: Reload ufw community.general.ufw: state: reloaded ...