Merge pull request #26 from shahaan/master

Some fixes: nfs-client, sycExports, easy-rsa-certificate

Merge pull request #26 from shahaan/master
Some fixes: nfs-client, sycExports, easy-rsa-certificate
10b5802d · Chris Hines · 51c004f6 · 250512ab · 10b5802d · 10b5802d
Commit 10b5802d authored 10 years ago by Chris Hines
--- a/installNFS.yml
+++ b/installNFS.yml
@@ -7,7 +7,6 @@
    - easy-rsa-CA
    - easy-rsa-certificate
    - OpenVPN-Server 
-    - nfs-common
    - nfs-server
  sudo: true
  vars: 
@@ -19,7 +18,6 @@
    - easy-rsa-common
    - easy-rsa-certificate 
    - OpenVPN-Client
-    - nfs-common
    - syncExports
    - nfs-client
  sudo: true

--- a/roles/easy-rsa-certificate/tasks/buildCert.yml
+++ b/roles/easy-rsa-certificate/tasks/buildCert.yml
@@ -25,9 +25,15 @@
  set_fact: needcert=True
  when: key.stat.exists == false

- name: "set needcert if cert is missing"
+- name: "set needcert if cert is missing or of zero size"
  set_fact: needcert=True
-  when: cert.stat.exists == false
+  when: cert.stat.exists == false or cert.stat.size == 0
+
+- name: "Delete Zero Sized Ceritificates"
+  remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
+  delegate_to: "{{ x509_ca_server }}"
+  shell: rm -rf /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.*
+  when: cert.stat.size == 0

 - name: "set needcert if cert doesn't match key"
  set_fact: needcert=True

--- a/roles/nfs-client/tasks/mountFileSystem.yml
+++ b/roles/nfs-client/tasks/mountFileSystem.yml
 --- 
- name: "Mounting NFS mounts"
-  mount: "name={{ nfsClientDestDir }} src={{ nfs_server }}:{{ nfsClientSrcDir }} fstype={{ nfs_type }} opts={{ nfs_options }} state=mounted"
+-
+  name: "Get the NFS Network"
+  setup: 
+  register: nfsServer
+  run_once: true
+  delegate_to: "{{ nfs_server }}"
+- 
+  mount: "name={{ item.name }} src={{ nfsServer['ansible_facts']['ansible_'+item.interface]['ipv4']['address'] }}:{{ item.src }} fstype={{ item.fstype }} opts={{ item.opts }} state=mounted"
+  name: "Mounting NFS mounts"
+  with_items: exportList 
  notify: "restart authentication"
  notify: "restart idmap"
  sudo: true 
-
-  
--- a/roles/nfs-client/vars/main.yml
+++ b/roles/nfs-client/vars/main.yml
+---
+# This is a list of exports, individual entry for each mount.
+exportList:
+ - { name : '/mnt/test-nfs', src : '/mnt',fstype : 'nfs', opts : 'vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock' , interface : 'tun0' }
--- a/roles/nfs-common/tasks/main.yml
+++ b/roles/nfs-common/tasks/main.yml
@@ -2,5 +2,5 @@
 - include: yumPackages.yml

 - name: setup idmap.conf
-  template: src=idmap.conf.j2 dest=/etc/idmap.conf
+  template: src=idmapd.conf.j2 dest=/etc/idmapd.conf
  sudo: true
--- a/roles/syncExports/tasks/addExports.yml
+++ b/roles/syncExports/tasks/addExports.yml
@@ -4,3 +4,8 @@
  template: src=exports.j2 dest=/etc/exports owner=root group=root mode=644
  delegate_to: "{{ nfs_server }}"
  run_once: true
+-
+  name : Restart the NFS Server
+  service: name=nfs state=restarted
+  delegate_to: "{{ nfs_server }}"
+  run_once: true
--- a/roles/syncExports/templates/exports.j2
+++ b/roles/syncExports/templates/exports.j2
-{% for src in srcDir %}
-{{ src }} {% for node in  groups['openvpn-clients'] %}{% for ip in hostvars[node]['ansible_all_ipv4_addresses'] %}{{ ip }}(rw,sync,root_squash) {% endfor %}{% endfor %}
+{% for export in exportList %}
+{{ export.src }} {% for group in groupList %}{% for node in  groups[group.name] %}{{ hostvars[node]['ansible_'+group.interface]['ipv4']['address'] }}(rw,sync,root_squash) {% endfor %}{% endfor %}

 {% endfor %}
--- a/roles/syncExports/vars/main.yml
+++ b/roles/syncExports/vars/main.yml
+---
+groupList:
+ - { name : 'openvpn-clients', interface : 'tun0' }
--- a/syncNFS.yml
+++ b/syncNFS.yml
@@ -2,7 +2,7 @@
 - 
  hosts: openvpn-clients
  remote_user: ec2-user
-  roles: 
+  roles:
    - syncExports
    - nfs-client
  sudo: true