Skip to content
Snippets Groups Projects
Normal view Permalink
copyCerts.yml 1.14 KiB
Newer Older
Shahaan Ayyub's avatar
Adding easy-rsa-CA-client and OpenVPN-Client roles.
Shahaan Ayyub committed
1 2 
--- 
-
Jupiter Hu's avatar
Changed certDir to inventory hostname, added default email and ou variables for easy-rsa-CA-client  
Jupiter Hu committed
3 
  copy: "src=/tmp/{{ inventory_hostname }}/ca.crt dest=/etc/openvpn/ca.crt  mode=644 owner=root group=root"
Shahaan Ayyub's avatar
Adding easy-rsa-CA-client and OpenVPN-Client roles.
Shahaan Ayyub committed
4 
  name: "Copying CA certificate"
Jupiter Hu's avatar
Add more checks for copying client certificate  
Jupiter Hu committed
5 
  when: "client_ca_cert.stat.exists == false"
Shahaan Ayyub's avatar
Adding easy-rsa-CA-client and OpenVPN-Client roles.
Shahaan Ayyub committed
6 
-
Jupiter Hu's avatar
Changed certDir to inventory hostname, added default email and ou variables for easy-rsa-CA-client  
Jupiter Hu committed
7 
  copy: "src=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.crt dest=/etc/openvpn/{{ inventory_hostname }}.crt mode=644 owner=root group=root"
Shahaan Ayyub's avatar
Adding easy-rsa-CA-client and OpenVPN-Client roles.
Shahaan Ayyub committed
8 
  name: "Copying Client certificate"
Jupiter Hu's avatar
Add more checks for copying client certificate  
Jupiter Hu committed
9 
  when: "client_sign_cert.stat.exists == false"
Shahaan Ayyub's avatar
Adding easy-rsa-CA-client and OpenVPN-Client roles.
Shahaan Ayyub committed
10 
-
Jupiter Hu's avatar
Changed certDir to inventory hostname, added default email and ou variables for easy-rsa-CA-client  
Jupiter Hu committed
11 
  copy: "src=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.key dest=/etc/openvpn/{{ inventory_hostname }}.key  mode=600 owner=root group=root"
Shahaan Ayyub's avatar
Adding easy-rsa-CA-client and OpenVPN-Client roles.
Shahaan Ayyub committed
12 
  name: "Copying Client key"
Jupiter Hu's avatar
Add more checks for copying client certificate  
Jupiter Hu committed
13 
  when: "client_key.stat.exists == false"
Jupiter Hu's avatar
Change to use template for configuration files  
Jupiter Hu committed
14 15 

- name: "Copying client.conf to the OpenVPN client"
Jupiter Hu's avatar
Restore files  
Jupiter Hu committed
16 17 18 19 20 21 22 23 24 
  template: src={{ item }} dest=/etc/openvpn/client.conf
  with_first_found:
    - files:
      - client.conf.j2
      - userConfig
      - defaultConfig
      paths:
        - ../templates/
        - ../files/
Jupiter Hu's avatar
Change to use template for configuration files  
Jupiter Hu committed
25 26 27 
  notify: restart openvpn

- name: "Removing Cert Directory"
Jupiter Hu's avatar
Changed certDir to inventory hostname, added default email and ou variables for easy-rsa-CA-client  
Jupiter Hu committed
28 
  local_action: "command rm -rf /tmp/{{ inventory_hostname }}"
Jupiter Hu's avatar
Add more checks for copying client certificate  
Jupiter Hu committed
29 
  when: "client_ca_cert.stat.exists == false or client_key.stat.exists == false or client_sign_cert.stat.exists == false"
Shahaan Ayyub's avatar
Made Few Test Changes to OpenVPN-Client and easy-rsa-CA-client  
Shahaan Ayyub committed
30