From ea26b3b483e8f0147d64815e191be31e139cf94b Mon Sep 17 00:00:00 2001
From: shahaan <shahaan@gmail.com>
Date: Wed, 22 Oct 2014 17:24:36 +1100
Subject: [PATCH] Made Few Test Changes to OpenVPN-Client and
 easy-rsa-CA-client

---
 roles/OpenVPN-Client/tasks/copyCerts.yml      | 34 ++++---------------
 .../tasks/buildClientCert.yml                 | 24 ++++++++++---
 2 files changed, 27 insertions(+), 31 deletions(-)

diff --git a/roles/OpenVPN-Client/tasks/copyCerts.yml b/roles/OpenVPN-Client/tasks/copyCerts.yml
index 24a47f9..9819bc0 100644
--- a/roles/OpenVPN-Client/tasks/copyCerts.yml
+++ b/roles/OpenVPN-Client/tasks/copyCerts.yml
@@ -1,37 +1,13 @@
 --- 
 - 
-  failed_when: "CAcert.stat.exists  == false"
-  name: "Check if CA certificate exist"
-  register: CAcert
-  stat: path=/etc/easy-rsa/2.0/keys/ca.crt
-  delegate_to: "{{ server }}"
-- 
-  synchronize: "src=/etc/easy-rsa/2.0/keys/ca.crt dest=/etc/openvpn/ca.crt  mode=push rsync_path='sudo rsync'"
+  copy: "src=certDir/ca.crt dest=/etc/openvpn/ca.crt  mode=644 owner=root group=root"
   name: "Copying CA certificate"
-  when: "CAcert.stat.exists  == true"
-  delegate_to: "{{ server }}"
-- 
-  failed_when: "ClientCert.stat.exists  == false"
-  name: "Check if Client certificate exist"
-  register: ClientCert
-  stat: "path=/etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.crt"
-  delegate_to: "{{ server }}"
 - 
-  synchronize: "src=/etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.crt dest=/etc/openvpn/{{ inventory_hostname }}.crt rsync_path='sudo rsync'  mode=push"
+  copy: "src=certDir/{{ inventory_hostname }}.crt dest=/etc/openvpn/{{ inventory_hostname }}.crt mode=644 owner=root group=root"
   name: "Copying Client certificate"
-  when: "ClientCert.stat.exists  == true"
-  delegate_to: "{{ server }}"
 - 
-  failed_when: "ClientKey.stat.exists  == false"
-  name: "Check if Server key exist"
-  register: ClientKey
-  stat: "path=/etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.key"
-  delegate_to: "{{ server }}"
-- 
-  synchronize: "src=/etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.key dest=/etc/openvpn/{{ inventory_hostname }}.key  mode=push rsync_path='sudo rsync'"
+  copy: "src=certDir/{{ inventory_hostname }}.key dest=/etc/openvpn/{{ inventory_hostname }}.key  mode=600 owner=root group=root"
   name: "Copying Client key"
-  when: "ClientKey.stat.exists  == true"
-  delegate_to: "{{ server }}"
 - 
   copy: "src=client.conf dest=/etc/openvpn/client.conf owner=root group=root mode=644"
   name: "Copying client.conf to the OpenVPN client"
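Review bot: The "Copying Client key" task now reads `certDir/{{ inventory_hostname }}.key` from the role's `files/` directory on the control machine, so every client's private key rests in the playbook tree between the fetch in buildClientCert.yml and the cleanup task at the end of this file. The removed `synchronize` tasks pushed the key from the CA server to the client without that intermediate copy. If the staging step stays, keep `roles/OpenVPN-Client/files/certDir/` out of version control (an ignore entry) and readable only by the operator (directory mode 0700). Adding `no_log: true` to the key task would also keep the key out of task output, for example if the play is run with `--diff`.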
@@ -44,3 +20,7 @@
 - 
   name: "Starting openvpn"
   service: "name=openvpn enabled=yes state=started"
+- 
+  local_action: "command rm -rf {{ ansible_env['PWD'] }}/roles/OpenVPN-Client/files/certDir"
+  name: "Removing Cert Directory"
+
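Review bot: `{{ ansible_env['PWD'] }}` in the new cleanup task is a fact gathered from the managed host, not the control machine's working directory, so this `rm -rf` only targets the staged keys when the two paths happen to match; the `mv` task in roles/easy-rsa-CA-client/tasks/buildClientCert.yml uses the same expression. Because `rm -rf` exits 0 on a path that does not exist, a mismatch is silent and the fetched private keys stay on the control machine. A controller-side variable is safer, e.g. `local_action: "command rm -rf {{ playbook_dir }}/roles/OpenVPN-Client/files/certDir"`, assuming `roles/` sits beside the playbook. The task is also last in the file, so a failure in any earlier task (the ones between the two hunks are not shown) skips the cleanup; removing the staged keys should not depend on the whole play succeeding.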
diff --git a/roles/easy-rsa-CA-client/tasks/buildClientCert.yml b/roles/easy-rsa-CA-client/tasks/buildClientCert.yml
index 1b586ff..efc119c 100644
--- a/roles/easy-rsa-CA-client/tasks/buildClientCert.yml
+++ b/roles/easy-rsa-CA-client/tasks/buildClientCert.yml
@@ -1,11 +1,27 @@
 --- 
 - 
-  delegate_to: "vm-118-138-240-224.erc.monash.edu.au"
+  delegate_to: "{{ server }}"
   name: "Check if certificate exist"
   register: cert
-  stat: "path=/etc/easy-rsa/2.0/keys/{{ client }}.crt"
+  stat: "path=/etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.crt"
 - 
-  delegate_to: "vm-118-138-240-224.erc.monash.edu.au"
+  delegate_to: "{{ server }}"
   name: "Creating Client certificate"
-  shell: ' cd /etc/easy-rsa/2.0; source ./vars; export EASY_RSA="${EASY_RSA:-.}"; "$EASY_RSA"/pkitool --csr {{ client }} ;"$EASY_RSA"/pkitool --sign {{ client }}'
+  shell: " cd /etc/easy-rsa/2.0; source ./vars; export EASY_RSA=\"${EASY_RSA:-.}\"; \"$EASY_RSA\"/pkitool --csr {{ inventory_hostname }} ;\"$EASY_RSA\"/pkitool --sign {{ inventory_hostname }}"
+  when: "cert.stat.exists  == false"
+- 
+  delegate_to: "{{ server }}"
+  fetch: "src=/etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.crt dest=certDir/ fail_on_missing=yes validate_md5=yes flat=yes"
+  name: "Copy the Client Certificate to the master node"
+- 
+  delegate_to: "{{ server }}"
+  fetch: "src=/etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.key dest=certDir/ fail_on_missing=yes validate_md5=yes flat=yes"
+  name: "Copy the Client Certificate to the master node"
+- 
+  delegate_to: "{{ server }}"
+  fetch: "src=/etc/easy-rsa/2.0/keys/ca.crt dest=certDir/ fail_on_missing=yes validate_md5=yes flat=yes"
+  name: "Copy the Client Certificate to the master node"
+- 
+  local_action: "command mv {{ ansible_env['PWD'] }}/certDir {{ ansible_env['PWD'] }}/roles/OpenVPN-Client/files/"
+  name: "Moving certDir to files"
 
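Review bot: The closing "Moving certDir to files" task runs once for every host in the play, so after the first host has moved `certDir` the remaining hosts call `mv` on a directory that is gone. A `files/certDir` left over from an earlier failed run would also make `mv` nest the new directory inside the old one, and the later `copy` tasks would then not find their sources. Adding `run_once: true` to the move, or pointing the three `fetch` tasks straight at the role's files directory, avoids both cases. The three `fetch` tasks also share the name "Copy the Client Certificate to the master node" although the second fetches the private key and the third the CA certificate. Distinct names such as `name: "Fetch the client key to the master node"` and `name: "Fetch the CA certificate to the master node"` would make the key transfer visible in run output.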
-- 
GitLab