From 3cf7ebcff845434d07155ff31194faaa6a51a2aa Mon Sep 17 00:00:00 2001
From: Chris Hines <chris.hines@monash.edu>
Date: Thu, 20 Nov 2014 04:25:58 +0000
Subject: [PATCH] updates to the easy-rsa roles to make them work on debian
 (for karaage installation)

---
 roles/OpenVPN-Server/vars/main.yml            |  2 +-
 .../easy-rsa-certificate/tasks/buildCert.yml  |  4 ++--
 .../easy-rsa-common/tasks/installEasyRsa.yml  | 22 +++++++++++++++++++
 3 files changed, 25 insertions(+), 3 deletions(-)

diff --git a/roles/OpenVPN-Server/vars/main.yml b/roles/OpenVPN-Server/vars/main.yml
index 84cc286..7ce242b 100644
--- a/roles/OpenVPN-Server/vars/main.yml
+++ b/roles/OpenVPN-Server/vars/main.yml
@@ -1,6 +1,6 @@
 ---
 x509_csr_args: "--server"
-x509_cacert_file: "/etc/ssl/certs/cacert.pem"
+x509_cacert_file: "/etc/ssl/certs/ca.crt"
 x509_key_file: "/etc/ssl/private/server.key"
 x509_cert_file: "/etc/ssl/certs/server.pem"
 x509_common_name: "{{ ansible_fqdn }}_OpenVPN_Server"
diff --git a/roles/easy-rsa-certificate/tasks/buildCert.yml b/roles/easy-rsa-certificate/tasks/buildCert.yml
index e2f1517..265efd3 100644
--- a/roles/easy-rsa-certificate/tasks/buildCert.yml
+++ b/roles/easy-rsa-certificate/tasks/buildCert.yml
@@ -39,7 +39,7 @@
   when: needcert
 
 - name: "Creating CSR"
-  shell: " cd /etc/easy-rsa/2.0; source ./vars; export EASY_RSA=\"${EASY_RSA:-.}\"; \"$EASY_RSA\"/pkitool --csr {{ x509_csr_args }} {{ x509_common_name }}"
+  shell: " cd /etc/easy-rsa/2.0; . ./vars; export EASY_RSA=\"${EASY_RSA:-.}\"; \"$EASY_RSA\"/pkitool --csr {{ x509_csr_args }} {{ x509_common_name }}"
   args:
     creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.key"
   when: needcert
@@ -58,7 +58,7 @@
 
 - name: "Sign Certificate"
   delegate_to: "{{ x509_ca_server }}"
-  shell:    "source ./vars; export EASY_RSA=\"${EASY_RSA:-.}\" ;\"$EASY_RSA\"/pkitool --sign {{ x509_sign_args }} {{ x509_common_name }}"
+  shell:    ". ./vars; export EASY_RSA=\"${EASY_RSA:-.}\" ;\"$EASY_RSA\"/pkitool --sign {{ x509_sign_args }} {{ x509_common_name }}"
   args:
     chdir: "/etc/easy-rsa/2.0"
     creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt"
diff --git a/roles/easy-rsa-common/tasks/installEasyRsa.yml b/roles/easy-rsa-common/tasks/installEasyRsa.yml
index 9062831..a031733 100644
--- a/roles/easy-rsa-common/tasks/installEasyRsa.yml
+++ b/roles/easy-rsa-common/tasks/installEasyRsa.yml
@@ -3,9 +3,31 @@
   name: "Installing easy-rsa"
   yum: "name=easy-rsa state=latest"
   sudo: True
+  when: ansible_os_family == 'RedHat'
+- 
+  name: "Installing easy-rsa"
+  apt: "name=openvpn state=latest"
+  sudo: True
+  when: ansible_os_family == 'Debian'
 - 
   name: "Moving easy-rsa to /etc"
   shell: "cp -rf /usr/share/easy-rsa /etc/"
   args:
     creates: /etc/easy-rsa
   sudo: True
+  when: ansible_os_family == 'RedHat'
+- 
+  name: "Moving easy-rsa to /etc"
+  shell: "cp -rf /usr/share/doc/openvpn/examples/easy-rsa /etc/"
+  args:
+    creates: /etc/easy-rsa
+  sudo: True
+  when: ansible_os_family == 'Debian'
+  register: installed
+
+- name: "Clean all"
+  shell: " cd /etc/easy-rsa/2.0; . ./vars; export EASY_RSA=\"${EASY_RSA:-.}\"; \"$EASY_RSA\"/clean-all"
+  args:
+    creates: "/etc/easy-rsa/2.0/keys/"
+  when: installed|changed
+  sudo: true
-- 
GitLab