Merge pull request #34 from CVL-GitHub/desktopbranch

desktopbranch

roles/OpenVPN-Client/meta/main.yml

 ---
 dependencies:
+#  - { role: easy-rsa-CA }
   - { role: easy-rsa-certificate, x509_csr_args: "" }

roles/easy-rsa-certificate/tasks/buildCert.yml

@@ -33,7 +33,8 @@
   remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
   delegate_to: "{{ x509_ca_server }}"
   shell: rm -rf /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.*
-  when: cert.stat.exists == true and cert.stat.size == 0
+  when: cert is defined and cert.stat.size == 0
+  sudo: true
 
 - name: "set needcert if cert doesn't match key"
   set_fact: needcert=True
@@ -46,43 +47,43 @@
 
 - name: "Creating CSR"
   shell: " cd /etc/easy-rsa/2.0; . ./vars; export EASY_RSA=\"${EASY_RSA:-.}\"; \"$EASY_RSA\"/pkitool --csr {{ x509_csr_args }} {{ x509_common_name }}"
-  args:
-    creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.key"
   when: needcert
   sudo: true
 
 - name: "Copy CSR to ansible host"
-  fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr dest=/tmp/ fail_on_missing=yes validate_md5=yes flat=yes"
+  fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr dest=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr fail_on_missing=yes validate_md5=yes flat=yes"
   sudo: true
   when: needcert
 
+- name: "Create node tmp directory"
+  delegate_to: 127.0.0.1
+  shell: "mkdir -p /tmp/{{ inventory_hostname }} ; chmod 755 /tmp/{{ inventory_hostname }}"
+
 - name: "Copy CSR to CA"
   remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
   delegate_to: "{{ x509_ca_server }}"
-  copy: "src=/tmp/{{ x509_common_name }}.csr dest=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr force=yes"
+  copy: "src=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr dest=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr force=yes"
   when: needcert
   sudo: true
 
 - name: "Sign Certificate"
   remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
   delegate_to: "{{ x509_ca_server }}"
-  shell:    ". ./vars; export EASY_RSA=\"${EASY_RSA:-.}\" ;\"$EASY_RSA\"/pkitool --sign {{ x509_sign_args }} {{ x509_common_name }}"
-  args:
-    chdir: "/etc/easy-rsa/2.0"
-    creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt"
+  shell:    "cd /etc/easy-rsa/2.0; . ./vars; export EASY_RSA=\"${EASY_RSA:-.}\" ;\"$EASY_RSA\"/pkitool --sign {{ x509_sign_args }} {{ x509_common_name }}"
+  when: needcert
   sudo: true
 
 - name: "Copy the Certificate to ansible host"
   remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
   delegate_to: "{{ x509_ca_server }}"
-  fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt dest=/tmp/ fail_on_missing=yes validate_md5=yes flat=yes"
+  fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt dest=/tmp/{{ inventory_hostname }}/{{ x509_common_name }}.crt fail_on_missing=yes validate_md5=yes flat=yes"
   sudo: true
   when: needcert
 
 - name: "Copy the CA Certificate to the ansible host"
   remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
   delegate_to: "{{ x509_ca_server }}"
-  fetch: "src=/etc/easy-rsa/2.0/keys/ca.crt dest=/tmp/ca.crt fail_on_missing=yes validate_md5=yes flat=yes"
+  fetch: "src=/etc/easy-rsa/2.0/keys/ca.crt dest=/tmp/{{ inventory_hostname }}/ca.crt fail_on_missing=yes validate_md5=yes flat=yes"
   sudo: true
   when: "ca_cert.stat.exists == false"
 
@@ -91,12 +92,17 @@
   sudo: true
 
 - name: "Copy the certificate to the node"
-  copy: "src=/tmp/{{ x509_common_name }}.crt dest={{ x509_cert_file }} force=yes"
+  copy: "src=/tmp/{{ inventory_hostname }}/{{ x509_common_name }}.crt dest=/tmp/{{ x509_common_name }}.crt force=yes"
+  sudo: true
+  when: needcert
+
+- name: "Copy the certificate to the right location"
+  shell: "cp -f /tmp/{{ x509_common_name }}.crt {{ x509_cert_file }}"
   sudo: true
   when: needcert
 
 - name: "Copy the CA certificate to the node"
-  copy: "src=/tmp/ca.crt dest={{ x509_cacert_file }}"
+  copy: "src=/tmp/{{ inventory_hostname }}/ca.crt dest={{ x509_cacert_file }}"
   sudo: true
   when: "ca_cert.stat.exists == false"
 

roles/etcHosts/defaults/main.yml

----
-domain: testdomain.massive.org.au
-get_groups: true
-edit_hosts: true

roles/etcHosts/tasks/main.yml

@@ -2,14 +2,12 @@
   template: dest=/tmp/groups src=groups.j2
   run_once: True
   delegate_to: 127.0.0.1
-  when: get_groups
 
 - name: make hosts data
   command: ./scripts/makehosts.py /tmp/groups {{ domain }}
   delegate_to: 127.0.0.1
   run_once: True
   register: hosts_data
-  when: edit_hosts
                
 - name: write hosts file
   lineinfile:
@@ -19,5 +17,3 @@
     state: present
   sudo: true
   with_items: hosts_data.stdout_lines
-  when: edit_hosts
-

roles/nfs-client/defaults/main.yml

----
-nfsClientSrcDir: '/mnt'
-nfsClientDestDir: '/mnt/test-nfs'
-nfs_server: 'nfsserver.edu' 
-nfs_type: 'nfs'
-nfs_options: 'vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock'

roles/nfs-client/tasks/mountFileSystem.yml

 --- 
--
-  name: "Get the NFS Network"
+- name: "Get the NFS Network"
   setup: 
   register: nfsServer
   run_once: true
   delegate_to: "{{ nfs_server }}"
-- 
+  when: nfsServer is not defined
+
+- name: "Mounting NFS mounts"
   mount: "name={{ item.name }} src={{ nfsServer['ansible_facts']['ansible_'+item.interface]['ipv4']['address'] }}:{{ item.src }} fstype={{ item.fstype }} opts={{ item.opts }} state=mounted"
-  name: "Mounting NFS mounts"
   with_items: exportList 
   notify: "restart authentication"
   notify: "restart idmap"

roles/nfs-client/vars/main.yml → roles/nfs-client/vars/readme.txt

 ---
 # This is a list of exports, individual entry for each mount.
 exportList:
- - { name : '/mnt/test-nfs', src : '/mnt',fstype : 'nfs', opts : 'vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock' , interface : 'tun0' }
- - { name : '/mnt/test-volume', src : '/mnt/vdc',fstype : 'nfs', opts : 'vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock' , interface : 'tun0' }
+ - { name : '/mnt/test-nfs', src : '/mnt',fstype : 'nfs', opts : 'vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock' , interface : 'tun0', srvopts: 'rw,sync,root_squash' }
+ - { name : '/mnt/test-volume', src : '/mnt/vdc',fstype : 'nfs', opts : 'vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock' , interface : 'tun0', srvopts: 'rw,sync,root_squash' }

roles/nfs-server/vars/main.yml → roles/nfs-server/defaults/main.yml

 ---
 mkFileSystems:
  - { fstype : 'ext4', dev : '/dev/vdc', opts: '' } 
+configDiskDevice: true 

roles/nfs-server/tasks/mkFilesystem.yml

@@ -3,7 +3,10 @@
  name: Format File Systems
  filesystem: fstype={{ item.fstype }} dev={{ item.dev }} opts={{ item.opts }}
  with_items: mkFileSystems
+ when: configDiskDevice
 -
  name: Mount file systems
  mount: name=/mnt/{{ item.dev | basename }} src={{ item.dev }} fstype={{ item.fstype }} opts=loop state=mounted
  with_items: mkFileSystems
+ when: configDiskDevice
+

roles/slurm-build/tasks/main.yml

@@ -38,8 +38,7 @@
 - name: install munge deps
   shell: rpm -i /root/rpmbuild/RPMS/x86_64/munge-libs-{{ munge_version }}-1.el6.x86_64.rpm /root/rpmbuild/RPMS/x86_64/munge-{{ munge_version }}-1.el6.x86_64.rpm /root/rpmbuild/RPMS/x86_64/munge-devel-{{ munge_version }}-1.el6.x86_64.rpm
   sudo: true
-#  ignore_errors: true
-  when: munge_installed | failed 
+  when: munge_installed.stdout.find("munge") == -1 
 
 - name: make slurm rpms
   shell: rpmbuild -ta --clean slurm-{{ slurm_version }}.tar.bz2

roles/slurm/templates/slurm-vpn.conf.j2

@@ -105,5 +105,5 @@ NodeName={{ node }} NodeAddr={{ node }}-vpn Procs={{ hostvars[node]['ansible_pro
 {% endfor %}
 
 {% for queue in slurmqueues %}
-PartitionName={{ queue.name }} Nodes={{ groups[queue.group]|join(',') }}
+PartitionName={{ queue.name }} {% if queue.default %}Default=yes{% endif %} Nodes={{ groups[queue.group]|join(',') }}
 {% endfor %}

roles/slurm/templates/slurm.conf.j2

@@ -105,5 +105,5 @@ NodeName={{ node }} Procs={{ hostvars[node]['ansible_processor_cores'] }} State=
 {% endfor %}
 
 {% for queue in slurmqueues %}
-PartitionName={{ queue.name }} Nodes={{ groups[queue.group]|join(',') }}
+PartitionName={{ queue.name }} {% if queue.default %}Default=yes{% endif %} Nodes={{ groups[queue.group]|join(',') }}
 {% endfor %}