diff --git a/roles/OpenVPN-Client/meta/main.yml b/roles/OpenVPN-Client/meta/main.yml index 0020965b8c6d21caf977d410aa7d22aa6953365f..804fc7d7e980b92f07d2c5bd01b082918d3f78ea 100644 --- a/roles/OpenVPN-Client/meta/main.yml +++ b/roles/OpenVPN-Client/meta/main.yml @@ -1,3 +1,4 @@ --- dependencies: +# - { role: easy-rsa-CA } - { role: easy-rsa-certificate, x509_csr_args: "" } diff --git a/roles/OpenVPN-Client/vars/main.yml b/roles/OpenVPN-Client/vars/readme.txt similarity index 100% rename from roles/OpenVPN-Client/vars/main.yml rename to roles/OpenVPN-Client/vars/readme.txt diff --git a/roles/OpenVPN-Server/meta/main.yml b/roles/OpenVPN-Server/meta/main.yml index 46f5a2316b48320534f9e99db594e1bb61d34744..b5248e14fe2b08c9c6a1f4997c21d42c83cc305d 100644 --- a/roles/OpenVPN-Server/meta/main.yml +++ b/roles/OpenVPN-Server/meta/main.yml @@ -1,3 +1,4 @@ --- dependencies: + - { role: easy-rsa-CA } - { role: easy-rsa-certificate, x509_csr_args: "--server" } diff --git a/roles/OpenVPN-Server/vars/main.yml b/roles/OpenVPN-Server/vars/readme.txt similarity index 100% rename from roles/OpenVPN-Server/vars/main.yml rename to roles/OpenVPN-Server/vars/readme.txt diff --git a/roles/commonVars/vars/main.yml b/roles/commonVars/vars/readme.txt similarity index 100% rename from roles/commonVars/vars/main.yml rename to roles/commonVars/vars/readme.txt diff --git a/roles/easy-rsa-certificate/tasks/buildCert.yml b/roles/easy-rsa-certificate/tasks/buildCert.yml index 79c15c00d73e3b0015db7d69f1e0303576fa7960..c5299982e182f3d749e5e9a6a3ad47c2c9442280 100644 --- a/roles/easy-rsa-certificate/tasks/buildCert.yml +++ b/roles/easy-rsa-certificate/tasks/buildCert.yml @@ -34,6 +34,7 @@ delegate_to: "{{ x509_ca_server }}" shell: rm -rf /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.* when: cert is defined and cert.stat.size == 0 + sudo: true - name: "set needcert if cert doesn't match key" set_fact: needcert=True 
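Review bot: In the buildCert.yml hunk at @@ -34,6 +34,7 @@, the added `sudo: true` makes `rm -rf /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.*` run as root on the CA host with the variable pasted unquoted into a shell line. An empty value, or one containing whitespace, `/` or a glob character, changes which paths are removed from the CA's key directory. I would pass the value through the quote filter, `shell: rm -rf /etc/easy-rsa/2.0/keys/{{ x509_common_name | quote }}.*`, and reject an empty name in the condition, `when: cert is defined and cert.stat.size == 0 and x509_common_name != ""`. The task's `name:` line and the task that registers `cert` are above the hunk, so any upstream validation of the name is not visible here.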
@@ -46,43 +47,54 @@ - name: "Creating CSR" shell: " cd /etc/easy-rsa/2.0; . ./vars; export EASY_RSA=\"${EASY_RSA:-.}\"; \"$EASY_RSA\"/pkitool --csr {{ x509_csr_args }} {{ x509_common_name }}" - args: - creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.key" +# args: +# creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.key" when: needcert sudo: true - name: "Copy CSR to ansible host" - fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr dest=/tmp/ fail_on_missing=yes validate_md5=yes flat=yes" + fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr dest=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr fail_on_missing=yes validate_md5=yes flat=yes" sudo: true when: needcert +- name: "Create node tmp directory" + delegate_to: 127.0.0.1 + shell: "mkdir -p /tmp/{{ inventory_hostname }} ; chmod 755 /tmp/{{ inventory_hostname }}" + - name: "Copy CSR to CA" remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}" delegate_to: "{{ x509_ca_server }}" - copy: "src=/tmp/{{ x509_common_name }}.csr dest=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr force=yes" +# copy: "src=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr dest=/tmp/{{ inventory_hostname }}.csr force=yes" + copy: "src=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr dest=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr force=yes" when: needcert sudo: true +#- name: "Place CSR to a right place" +# local_action: "command cp -f /tmp/{{ inventory_hostname }}.csr /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr" +# when: needcert +# sudo: true + - name: "Sign Certificate" remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}" delegate_to: "{{ x509_ca_server }}" - shell: ". ./vars; export EASY_RSA=\"${EASY_RSA:-.}\" ;\"$EASY_RSA\"/pkitool --sign {{ x509_sign_args }} {{ x509_common_name }}" - args: - chdir: "/etc/easy-rsa/2.0" - creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt" + shell: "cd /etc/easy-rsa/2.0; . 
./vars; export EASY_RSA=\"${EASY_RSA:-.}\" ;\"$EASY_RSA\"/pkitool --sign {{ x509_sign_args }} {{ x509_common_name }}" +# args: +# chdir: "/etc/easy-rsa/2.0" +# creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt" + when: needcert sudo: true - name: "Copy the Certificate to ansible host" remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}" delegate_to: "{{ x509_ca_server }}" - fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt dest=/tmp/ fail_on_missing=yes validate_md5=yes flat=yes" + fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt dest=/tmp/{{ inventory_hostname }}/{{ x509_common_name }}.crt fail_on_missing=yes validate_md5=yes flat=yes" sudo: true when: needcert - name: "Copy the CA Certificate to the ansible host" remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}" delegate_to: "{{ x509_ca_server }}" - fetch: "src=/etc/easy-rsa/2.0/keys/ca.crt dest=/tmp/ca.crt fail_on_missing=yes validate_md5=yes flat=yes" + fetch: "src=/etc/easy-rsa/2.0/keys/ca.crt dest=/tmp/{{ inventory_hostname }}/ca.crt fail_on_missing=yes validate_md5=yes flat=yes" sudo: true when: "ca_cert.stat.exists == false" @@ -91,12 +103,18 @@ sudo: true - name: "Copy the certificate to the node" - copy: "src=/tmp/{{ x509_common_name }}.crt dest={{ x509_cert_file }} force=yes" +# copy: "src=/tmp/{{ x509_common_name }}.crt dest={{ x509_cert_file }} force=yes" + copy: "src=/tmp/{{ inventory_hostname }}/{{ x509_common_name }}.crt dest=/tmp/{{ x509_common_name }}.crt force=yes" + sudo: true + when: needcert + +- name: "Copy the certificate to the right location" + shell: "cp -f /tmp/{{ x509_common_name }}.crt {{ x509_cert_file }}" sudo: true when: needcert - name: "Copy the CA certificate to the node" - copy: "src=/tmp/ca.crt dest={{ x509_cacert_file }}" + copy: "src=/tmp/{{ inventory_hostname }}/ca.crt dest={{ x509_cacert_file }}" sudo: true when: "ca_cert.stat.exists == false" 
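Review bot: The CSR, the signed certificate and ca.crt are now staged on the control host under `/tmp/{{ inventory_hostname }}`, a predictable path that the new "Create node tmp directory" task sets to mode 755 with `mkdir -p`, which also accepts a directory that already exists and belongs to another user. Whatever sits at `/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr` when "Copy CSR to CA" runs is what the CA signs under `x509_common_name`, so the staging directory needs to be private to the user running the play. The mkdir task is also listed after the fetch that writes into the directory and has no `when: needcert`. I would create the directory first with `local_action: command mktemp -d` and `register: x509_stage`, then use `{{ x509_stage.stdout }}` in the fetch `dest=` and copy `src=` paths here and in the @@ -91,12 +103,18 @@ hunk, and remove it at the end of the play.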
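Review bot: "Copy the certificate to the right location" installs the certificate with `shell: "cp -f /tmp/{{ x509_common_name }}.crt {{ x509_cert_file }}"`, so both variables are expanded unquoted in a root shell, the installed file gets whatever owner and mode `cp` produces, and the staged copy stays behind in /tmp on the node. If the direct copy was dropped for a reason not visible in this hunk, a comment should say so; otherwise I would keep it to one step, `copy: "src=/tmp/{{ inventory_hostname }}/{{ x509_common_name }}.crt dest={{ x509_cert_file }} force=yes"`, and delete the commented-out old line instead of leaving it in the task. The hunk opens inside the preceding task, of which only `sudo: true` is visible.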
diff --git a/roles/easy-rsa-certificate/vars/main.yml b/roles/easy-rsa-certificate/vars/readme.txt
similarity index 100%
rename from roles/easy-rsa-certificate/vars/main.yml
rename to roles/easy-rsa-certificate/vars/readme.txt
diff --git a/roles/easy-rsa-common/defaults/main.yml b/roles/easy-rsa-common/defaults/readme.txt
similarity index 100%
rename from roles/easy-rsa-common/defaults/main.yml
rename to roles/easy-rsa-common/defaults/readme.txt
diff --git a/roles/etcHosts/defaults/main.yml b/roles/etcHosts/defaults/main.yml
index fe7780414f5cacb07b4161f6c103e5f326f8e2ab..1ee9792b74245b835aa02f97d1c4fa669b886387 100644
--- a/roles/etcHosts/defaults/main.yml
+++ b/roles/etcHosts/defaults/main.yml
@@ -1,4 +1,3 @@
 ---
-domain: testdomain.dummy.invalid
 get_groups: true
 edit_hosts: true
diff --git a/roles/etcHosts/tasks/main.yml b/roles/etcHosts/tasks/main.yml
index ce9aacc257a048c485966f65cbbd5fd783c35143..1486d481a3a4c8b048444742b784ccb65d2c1e5a 100644
--- a/roles/etcHosts/tasks/main.yml
+++ b/roles/etcHosts/tasks/main.yml
@@ -20,4 +20,3 @@
 sudo: true
 with_items: hosts_data.stdout_lines
 when: edit_hosts
-
diff --git a/roles/nfs-client/defaults/main.yml b/roles/nfs-client/defaults/main.yml
deleted file mode 100644
index d201130985c95100cc8a7eb11b63fa87a5879af6..0000000000000000000000000000000000000000
--- a/roles/nfs-client/defaults/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-nfsClientSrcDir: '/mnt'
-nfsClientDestDir: '/mnt/test-nfs'
-nfs_server: 'nfsserver.edu'
-nfs_type: 'nfs'
-nfs_options: 'vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock'
diff --git a/roles/nfs-client/tasks/mountFileSystem.yml b/roles/nfs-client/tasks/mountFileSystem.yml
index 2f774a94a3cf3047e348099e719c55a180fd0cab..883b49f1c78942ca3b9c27e693a3135abdbbcf6f 100644
--- a/roles/nfs-client/tasks/mountFileSystem.yml
+++ b/roles/nfs-client/tasks/mountFileSystem.yml
@@ -4,15 +4,7 @@ register: nfsServer run_once: true delegate_to: "{{ nfs_server }}" - when: nfsServer is defined - -- name: "Set nfsServer facts when it is not defined" - set_fact: - - {{ nfsServer }} - - ansible_{{ nfsServerInterface }}: - - ipv4: - - address: {{ nfsServerIpAddress }} - when: nfsServer is defined + when: nfsServer is not defined - name: "Mounting NFS mounts" mount: "name={{ item.name }} src={{ nfsServer['ansible_facts']['ansible_'+item.interface]['ipv4']['address'] }}:{{ item.src }} fstype={{ item.fstype }} opts={{ item.opts }} state=mounted" diff --git a/roles/nfs-client/vars/main.yml b/roles/nfs-client/vars/readme.txt similarity index 100% rename from roles/nfs-client/vars/main.yml rename to roles/nfs-client/vars/readme.txt diff --git a/roles/nfs-server/vars/main.yml b/roles/nfs-server/defaults/main.yml similarity index 100% rename from roles/nfs-server/vars/main.yml rename to roles/nfs-server/defaults/main.yml diff --git a/roles/opensslCA/vars/main.yml b/roles/opensslCA/defaults/main.yml similarity index 100% rename from roles/opensslCA/vars/main.yml rename to roles/opensslCA/defaults/main.yml diff --git a/roles/opensslServer/vars/main.yml b/roles/opensslServer/defaults/main.yml similarity index 100% rename from roles/opensslServer/vars/main.yml rename to roles/opensslServer/defaults/main.yml diff --git a/roles/slurm-build/tasks/main.yml b/roles/slurm-build/tasks/main.yml index 07d8886054276b201e675bf8fb31aa20b783f03f..beafee75dae26a9495bdacb36ff380ec2318074a 100644 --- a/roles/slurm-build/tasks/main.yml +++ b/roles/slurm-build/tasks/main.yml 
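Review bot: The condition `when: nfsServer is not defined` sits on the same task that has `register: nfsServer`, and on Ansible releases that store a skipped result in the registered variable, a skip replaces an nfsServer supplied from outside with a record that has no `ansible_facts`. The "Mounting NFS mounts" task then indexes `nfsServer['ansible_facts']['ansible_'+item.interface]['ipv4']['address']` and would fail on that record. I would confirm the behaviour on the Ansible version in use and, if it applies, register under a separate name such as `register: nfsServerFacts` and copy it into nfsServer with a `set_fact` guarded by `when: nfsServer is not defined`. The task's name and module are above the hunk, so this rests on the visible `register`/`when` pair only.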
@@ -38,8 +38,8 @@ - name: install munge deps shell: rpm -i /root/rpmbuild/RPMS/x86_64/munge-libs-{{ munge_version }}-1.el6.x86_64.rpm /root/rpmbuild/RPMS/x86_64/munge-{{ munge_version }}-1.el6.x86_64.rpm /root/rpmbuild/RPMS/x86_64/munge-devel-{{ munge_version }}-1.el6.x86_64.rpm sudo: true -# ignore_errors: true - when: munge_installed | failed + when: munge_installed.stdout.find("munge") == -1 +# when: munge_installed is failed or munge_installed.stdout.find("munge") == -1 - name: make slurm rpms shell: rpmbuild -ta --clean slurm-{{ slurm_version }}.tar.bz2 diff --git a/roles/slurm/vars/main.yml b/roles/slurm/vars/readme.txt similarity index 100% rename from roles/slurm/vars/main.yml rename to roles/slurm/vars/readme.txt diff --git a/roles/syncExports/vars/main.yml b/roles/syncExports/vars/readme.txt similarity index 100% rename from roles/syncExports/vars/main.yml rename to roles/syncExports/vars/readme.txt
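Review bot: `when: munge_installed.stdout.find("munge") == -1` treats any output that mentions munge as proof that it is installed. The task that registers munge_installed is above the hunk; if it is an `rpm -q` style query, its not-installed message also contains the package name, so the install would be skipped on a host that lacks munge. Testing the return code is tighter, `when: munge_installed.rc != 0`, with the check task keeping `ignore_errors: true` if it needs it. The commented-out alternative `# when: munge_installed is failed or ...` should be dropped rather than committed.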