Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
A
ansible_cluster_in_a_box
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Model registry
Operate
Environments
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Chris Hines
ansible_cluster_in_a_box
Commits
ea26b3b4
Commit
ea26b3b4
authored
10 years ago
by
Shahaan Ayyub
Browse files
Options
Downloads
Patches
Plain Diff
Made Few Test Changes to OpenVPN-Client and easy-rsa-CA-client
parent
1d0416f5
No related branches found
No related tags found
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
roles/OpenVPN-Client/tasks/copyCerts.yml
+7
-27
7 additions, 27 deletions
roles/OpenVPN-Client/tasks/copyCerts.yml
roles/easy-rsa-CA-client/tasks/buildClientCert.yml
+20
-4
20 additions, 4 deletions
roles/easy-rsa-CA-client/tasks/buildClientCert.yml
with
27 additions
and
31 deletions
roles/OpenVPN-Client/tasks/copyCerts.yml
+
7
−
27
View file @
ea26b3b4
---
-
failed_when
:
"
CAcert.stat.exists
==
false"
name
:
"
Check
if
CA
certificate
exist"
register
:
CAcert
stat
:
path=/etc/easy-rsa/2.0/keys/ca.crt
delegate_to
:
"
{{
server
}}"
-
synchronize
:
"
src=/etc/easy-rsa/2.0/keys/ca.crt
dest=/etc/openvpn/ca.crt
mode=push
rsync_path='sudo
rsync'"
copy
:
"
src=certDir/ca.crt
dest=/etc/openvpn/ca.crt
mode=644
owner=root
group=root"
name
:
"
Copying
CA
certificate"
when
:
"
CAcert.stat.exists
==
true"
delegate_to
:
"
{{
server
}}"
-
failed_when
:
"
ClientCert.stat.exists
==
false"
name
:
"
Check
if
Client
certificate
exist"
register
:
ClientCert
stat
:
"
path=/etc/easy-rsa/2.0/keys/{{
inventory_hostname
}}.crt"
delegate_to
:
"
{{
server
}}"
-
synchronize
:
"
src=/etc/easy-rsa/2.0/keys
/{{
inventory_hostname
}}.crt
dest=/etc/openvpn/{{
inventory_hostname
}}.crt
rsync_path='sudo
rsync'
mode=push
"
copy
:
"
src=certDir
/{{
inventory_hostname
}}.crt
dest=/etc/openvpn/{{
inventory_hostname
}}.crt
mode=644
owner=root
group=root
"
name
:
"
Copying
Client
certificate"
when
:
"
ClientCert.stat.exists
==
true"
delegate_to
:
"
{{
server
}}"
-
failed_when
:
"
ClientKey.stat.exists
==
false"
name
:
"
Check
if
Server
key
exist"
register
:
ClientKey
stat
:
"
path=/etc/easy-rsa/2.0/keys/{{
inventory_hostname
}}.key"
delegate_to
:
"
{{
server
}}"
-
synchronize
:
"
src=/etc/easy-rsa/2.0/keys/{{
inventory_hostname
}}.key
dest=/etc/openvpn/{{
inventory_hostname
}}.key
mode=push
rsync_path='sudo
rsync'"
copy
:
"
src=certDir/{{
inventory_hostname
}}.key
dest=/etc/openvpn/{{
inventory_hostname
}}.key
mode=600
owner=root
group=root"
name
:
"
Copying
Client
key"
when
:
"
ClientKey.stat.exists
==
true"
delegate_to
:
"
{{
server
}}"
-
copy
:
"
src=client.conf
dest=/etc/openvpn/client.conf
owner=root
group=root
mode=644"
name
:
"
Copying
client.conf
to
the
OpenVPN
client"
...
...
@@ -44,3 +20,7 @@
-
name
:
"
Starting
openvpn"
service
:
"
name=openvpn
enabled=yes
state=started"
-
local_action
:
"
command
rm
-rf
{{
ansible_env['PWD']
}}/roles/OpenVPN-Client/files/certDir"
name
:
"
Removing
Cert
Directory"
This diff is collapsed.
Click to expand it.
roles/easy-rsa-CA-client/tasks/buildClientCert.yml
+
20
−
4
View file @
ea26b3b4
---
-
delegate_to
:
"
vm-118-138-240-224.erc.monash.edu.au
"
delegate_to
:
"
{{
server
}}
"
name
:
"
Check
if
certificate
exist"
register
:
cert
stat
:
"
path=/etc/easy-rsa/2.0/keys/{{
client
}}.crt"
stat
:
"
path=/etc/easy-rsa/2.0/keys/{{
inventory_hostname
}}.crt"
-
delegate_to
:
"
vm-118-138-240-224.erc.monash.edu.au
"
delegate_to
:
"
{{
server
}}
"
name
:
"
Creating
Client
certificate"
shell
:
'
cd
/etc/easy-rsa/2.0;
source
./vars;
export
EASY_RSA="${EASY_RSA:-.}";
"$EASY_RSA"/pkitool
--csr
{{
client
}}
;"$EASY_RSA"/pkitool
--sign
{{
client
}}'
shell
:
"
cd
/etc/easy-rsa/2.0;
source
./vars;
export
EASY_RSA=
\"
${EASY_RSA:-.}
\"
;
\"
$EASY_RSA
\"
/pkitool
--csr
{{
inventory_hostname
}}
;
\"
$EASY_RSA
\"
/pkitool
--sign
{{
inventory_hostname
}}"
when
:
"
cert.stat.exists
==
false"
-
delegate_to
:
"
{{
server
}}"
fetch
:
"
src=/etc/easy-rsa/2.0/keys/{{
inventory_hostname
}}.crt
dest=certDir/
fail_on_missing=yes
validate_md5=yes
flat=yes"
name
:
"
Copy
the
Client
Certificate
to
the
master
node"
-
delegate_to
:
"
{{
server
}}"
fetch
:
"
src=/etc/easy-rsa/2.0/keys/{{
inventory_hostname
}}.key
dest=certDir/
fail_on_missing=yes
validate_md5=yes
flat=yes"
name
:
"
Copy
the
Client
Certificate
to
the
master
node"
-
delegate_to
:
"
{{
server
}}"
fetch
:
"
src=/etc/easy-rsa/2.0/keys/ca.crt
dest=certDir/
fail_on_missing=yes
validate_md5=yes
flat=yes"
name
:
"
Copy
the
Client
Certificate
to
the
master
node"
-
local_action
:
"
command
mv
{{
ansible_env['PWD']
}}/certDir
{{
ansible_env['PWD']
}}/roles/OpenVPN-Client/files/"
name
:
"
Moving
certDir
to
files"
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
