diff --git a/installNFS.yml b/installNFS.yml index 0c6b1c24dfc5e9ffe8a63ccc234fd2bc475e33d0..3512ff2c8d9dc2f5be3302a3090f1427f21e40f8 100644 --- a/installNFS.yml +++ b/installNFS.yml @@ -7,7 +7,6 @@ - easy-rsa-CA - easy-rsa-certificate - OpenVPN-Server - - nfs-common - nfs-server sudo: true vars: @@ -19,7 +18,6 @@ - easy-rsa-common - easy-rsa-certificate - OpenVPN-Client - - nfs-common - syncExports - nfs-client sudo: true diff --git a/roles/easy-rsa-certificate/tasks/buildCert.yml b/roles/easy-rsa-certificate/tasks/buildCert.yml index ee22f077b354dbfd53a82106e1babdeb32e852e8..9d131671bb5109e58ef9bd9e5b8c85e21115edee 100644 --- a/roles/easy-rsa-certificate/tasks/buildCert.yml +++ b/roles/easy-rsa-certificate/tasks/buildCert.yml @@ -25,9 +25,15 @@ set_fact: needcert=True when: key.stat.exists == false -- name: "set needcert if cert is missing" +- name: "set needcert if cert is missing or of zero size" set_fact: needcert=True - when: cert.stat.exists == false + when: cert.stat.exists == false or cert.stat.size == 0 + +- name: "Delete Zero Sized Ceritificates" + remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}" + delegate_to: "{{ x509_ca_server }}" + shell: rm -rf /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.* + when: cert.stat.size == 0 - name: "set needcert if cert doesn't match key" set_fact: needcert=True diff --git a/roles/nfs-client/tasks/mountFileSystem.yml b/roles/nfs-client/tasks/mountFileSystem.yml index 0dd914dff6afc551bf9cf02d815382c5da7aebb3..2b54ceb2596712089f8668c9f78eda1e4047d461 100644 --- a/roles/nfs-client/tasks/mountFileSystem.yml +++ b/roles/nfs-client/tasks/mountFileSystem.yml 
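Review bot: In roles/easy-rsa-certificate/tasks/buildCert.yml the new "Delete Zero Sized Ceritificates" task puts `x509_common_name` unquoted into `rm -rf /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.*` on the CA host, so an empty value, a space or a shell metacharacter in that variable changes what is deleted inside the CA key directory. Replace the shell call with the file module over explicit names: `file: path=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.{{ item }} state=absent` with `with_items: ['crt', 'csr', 'key']`. The task's `when: cert.stat.size == 0` is also evaluated when the certificate does not exist; the stat task is outside the hunk, but its result presumably has no `size` key in that case, so guard it as `when: cert.stat.exists and cert.stat.size == 0`. The task name misspells "Certificates".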
@@ -1,8 +1,14 @@ --- -- name: "Mounting NFS mounts" - mount: "name={{ nfsClientDestDir }} src={{ nfs_server }}:{{ nfsClientSrcDir }} fstype={{ nfs_type }} opts={{ nfs_options }} state=mounted" +- + name: "Get the NFS Network" + setup: + register: nfsServer + run_once: true + delegate_to: "{{ nfs_server }}" +- + mount: "name={{ item.name }} src={{ nfsServer['ansible_facts']['ansible_'+item.interface]['ipv4']['address'] }}:{{ item.src }} fstype={{ item.fstype }} opts={{ item.opts }} state=mounted" + name: "Mounting NFS mounts" + with_items: exportList notify: "restart authentication" notify: "restart idmap" sudo: true - - diff --git a/roles/nfs-client/vars/main.yml b/roles/nfs-client/vars/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..fd7f0fcce0d2ef2b15b48ffdde2ea956e1732a82 --- /dev/null +++ b/roles/nfs-client/vars/main.yml @@ -0,0 +1,4 @@ +--- +# This is a list of exports, individual entry for each mount. +exportList: + - { name : '/mnt/test-nfs', src : '/mnt',fstype : 'nfs', opts : 'vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock' , interface : 'tun0' } diff --git a/roles/nfs-common/tasks/main.yml b/roles/nfs-common/tasks/main.yml index 5f1757d5f6b2724de61540f7c82b23921ae46d18..559decd124f9d12dcd73ccd74bfd5400ebe5f7ae 100644 --- a/roles/nfs-common/tasks/main.yml +++ b/roles/nfs-common/tasks/main.yml @@ -2,5 +2,5 @@ - include: yumPackages.yml - name: setup idmap.conf - template: src=idmap.conf.j2 dest=/etc/idmap.conf + template: src=idmapd.conf.j2 dest=/etc/idmapd.conf sudo: true diff --git a/roles/syncExports/tasks/addExports.yml b/roles/syncExports/tasks/addExports.yml index fb08d1acbd9ca8c66ee1dea5522ea1cc1839e82c..d5bb11156e61d4b921a8420abc2f746f4d6338a7 100644 --- a/roles/syncExports/tasks/addExports.yml +++ b/roles/syncExports/tasks/addExports.yml 
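Review bot: The rewritten "Mounting NFS mounts" task in roles/nfs-client/tasks/mountFileSystem.yml still carries two `notify:` keys in one mapping; duplicate keys are invalid YAML and most parsers keep only the last, so "restart authentication" is probably never notified. Use a single list instead: `notify: ["restart authentication", "restart idmap"]`. The new "Get the NFS Network" task would also benefit from a comment saying that it gathers facts on `nfs_server` only to read the address of `item.interface`, and that the `src` lookup is undefined when that interface has no facts on the server.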
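Review bot: The `opts` string of the `/mnt/test-nfs` entry in the new roles/nfs-client/vars/main.yml has neither `nosuid` nor `nodev`, so setuid binaries and device nodes placed on the export are honoured on every client that mounts it. Unless a consumer needs them, add both: `opts : 'vers=3,nosuid,nodev,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock'`. `nolock` turns off NLM locking for the mount, which deserves a one-line comment if it is deliberate. The entry would also read and diff better as a block mapping with one key per line than as a single flow-style line.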
@@ -4,3 +4,8 @@ template: src=exports.j2 dest=/etc/exports owner=root group=root mode=644 delegate_to: "{{ nfs_server }}" run_once: true +- + name : Restart the NFS Server + service: name=nfs state=restarted + delegate_to: "{{ nfs_server }}" + run_once: true diff --git a/roles/syncExports/templates/exports.j2 b/roles/syncExports/templates/exports.j2 index 2949f722693811f3a3253953917e92269f809fbb..4125a4b1c9bac3e75db69e59c320be09d2bdc7ee 100644 --- a/roles/syncExports/templates/exports.j2 +++ b/roles/syncExports/templates/exports.j2 @@ -1,4 +1,4 @@ -{% for src in srcDir %} -{{ src }} {% for node in groups['openvpn-clients'] %}{% for ip in hostvars[node]['ansible_all_ipv4_addresses'] %}{{ ip }}(rw,sync,root_squash) {% endfor %}{% endfor %} +{% for export in exportList %} +{{ export.src }} {% for group in groupList %}{% for node in groups[group.name] %}{{ hostvars[node]['ansible_'+group.interface]['ipv4']['address'] }}(rw,sync,root_squash) {% endfor %}{% endfor %} {% endfor %} diff --git a/roles/syncExports/vars/main.yml b/roles/syncExports/vars/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..785aea8a5df9cc2389a455afb2965f36c229f942 --- /dev/null +++ b/roles/syncExports/vars/main.yml @@ -0,0 +1,3 @@ +--- +groupList: + - { name : 'openvpn-clients', interface : 'tun0' } diff --git a/syncNFS.yml b/syncNFS.yml index f538c66e3b43190e071a396b38c5f72d6dbd5f71..be34ef3dda026b5bf54e90196a7e1f0dafa4683f 100644 --- a/syncNFS.yml +++ b/syncNFS.yml @@ -2,7 +2,7 @@ - hosts: openvpn-clients remote_user: ec2-user - roles: + roles: - syncExports - nfs-client sudo: true
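Review bot: The added "Restart the NFS Server" task in roles/syncExports/tasks/addExports.yml restarts `nfs` on every run, even when /etc/exports did not change, which interrupts clients that already have the export mounted. Make it conditional on the template result: add `register: exportsFile` to the template task and `when: exportsFile.changed` to the restart, or move the restart into a handler that the template task notifies. The template task starts above the hunk, so its name and any existing `notify` are not visible here.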
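Review bot: The new client loop in roles/syncExports/templates/exports.j2 reads `hostvars[node]['ansible_'+group.interface]['ipv4']['address']` for every host in each `groupList` group, so rendering depends on facts having been gathered for all of those hosts in this run and on the interface being up on each. A run limited to a subset of hosts, or a client whose tunnel is down, would presumably abort the template with an undefined-variable error. State that requirement in a Jinja comment at the top of the template, for example `{# needs gathered facts for every host in groupList, with group.interface up #}`. The export options `(rw,sync,root_squash)` also stay hard-coded for every export and client; a per-export options field in `exportList` would let read-only exports be expressed.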