From 14d4978bd003800d5eb5b7ce9ad17f4852678a41 Mon Sep 17 00:00:00 2001
From: shahaan <shahaan@gmail.com>
Date: Tue, 9 Dec 2014 10:36:24 +1100
Subject: [PATCH] Added list feature to NFS, added a Zero sized certificate check.
---
 installNFS.yml | 2 +-
 roles/easy-rsa-certificate/tasks/buildCert.yml | 8 +++++++-
 roles/nfs-client/defaults/main.yml | 1 -
 roles/nfs-client/tasks/mountFileSystem.yml | 8 ++------
 roles/nfs-client/vars/main.yml | 5 +++--
 roles/syncExports/tasks/addExports.yml | 5 +++++
 roles/syncExports/templates/exports.j2 | 4 ++--
 7 files changed, 20 insertions(+), 13 deletions(-)
diff --git a/installNFS.yml b/installNFS.yml
index 0c6b1c24..33ab1e51 100644
--- a/installNFS.yml
+++ b/installNFS.yml
@@ -20,7 +20,7 @@
 - easy-rsa-certificate
 - OpenVPN-Client
 - nfs-common
- - syncExports
+ - { role: syncExports, group_list:['openvpn-clients'], interface_list: ['eth0','tun0'] }
 - nfs-client
 sudo: true
 vars:
diff --git a/roles/easy-rsa-certificate/tasks/buildCert.yml b/roles/easy-rsa-certificate/tasks/buildCert.yml
index ee22f077..1e587882 100644
--- a/roles/easy-rsa-certificate/tasks/buildCert.yml
+++ b/roles/easy-rsa-certificate/tasks/buildCert.yml
@@ -27,7 +27,13 @@
 - name: "set needcert if cert is missing"
 set_fact: needcert=True
- when: cert.stat.exists == false
+ when: cert.stat.exists == false and cert.stat.size == 0
+
+- name: "Delete Zero Sized Ceritificates"
+ remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
+ delegate_to: "{{ x509_ca_server }}"
+ shell: rm -rf /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.*
+ when: cert.stat.size == 0
 - name: "set needcert if cert doesn't match key"
 set_fact: needcert=True
diff --git a/roles/nfs-client/defaults/main.yml b/roles/nfs-client/defaults/main.yml
index 60ca9c11..2c6b8352 100644
--- a/roles/nfs-client/defaults/main.yml
+++ b/roles/nfs-client/defaults/main.yml
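Review bot: In the installNFS.yml hunk, `group_list:['openvpn-clients']` has no space after the colon, unlike `interface_list: [...]` beside it; whether a flow mapping accepts that depends on the YAML parser, so write `group_list: ['openvpn-clients']`. Listing `eth0` in `interface_list` also makes the exports template grant `rw` to each client's non-tunnel address, while the mount task in this same commit reaches the server through its `tun0` address. If the share is meant to be reachable only across the VPN, `interface_list: ['tun0']` keeps /etc/exports limited to tunnel addresses. The play that owns this role list starts above the hunk.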
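Review bot: In roles/easy-rsa-certificate/tasks/buildCert.yml the new condition `cert.stat.exists == false and cert.stat.size == 0` cannot hold for a missing certificate (a stat result for an absent path normally has no `size`), so `needcert` is no longer set in the case the task name describes, and the delete task's `when: cert.stat.size == 0` trips over the same undefined attribute. The two conditions should read "missing or empty" and "present and empty". The delete step also runs `rm -rf` through a shell on the CA host with an unquoted templated name and a `.*` glob, so an empty or malformed `x509_common_name` changes what gets removed; the `file` module with explicit suffixes avoids both the shell and the glob. The suffix list below is an assumption about what easy-rsa writes for one client and should be checked against the keys directory, and the task that registers `cert` is outside the hunk.

```yaml
- name: "set needcert if cert is missing"
  set_fact: needcert=True
  when: not cert.stat.exists or cert.stat.size == 0

- name: "Delete Zero Sized Certificates"
  # … unchanged: remote_user and delegate_to …
  file: path="/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.{{ item }}" state=absent
  with_items:
    - crt
    - csr
    - key
  when: cert.stat.exists and cert.stat.size == 0
```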
@@ -1,4 +1,3 @@
 ---
-nfs_server: "nfsserver.edu"
 nfs_type: "nfs"
 nfs_options: "vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock"
diff --git a/roles/nfs-client/tasks/mountFileSystem.yml b/roles/nfs-client/tasks/mountFileSystem.yml
index 66da94c1..27b2328c 100644
--- a/roles/nfs-client/tasks/mountFileSystem.yml
+++ b/roles/nfs-client/tasks/mountFileSystem.yml
@@ -6,13 +6,9 @@
 run_once: true
 delegate_to: "{{ nfs_server }}"
 -
- mount: "name={{ item.0 }} src={{ nfsServer['ansible_facts']['ansible_tun0']['ipv4']['address'] }}:{{ item.1 }} fstype={{ nfs_type }} opts={{ nfs_options }} state=mounted"
+ mount: "name={{ item.name }} src={{ nfsServer['ansible_facts']['ansible_tun0']['ipv4']['address'] }}:{{ item.src }} fstype={{ item.fstype }} opts={{ item.opts }} state=mounted"
 name: "Mounting NFS mounts"
- with_together:
- - destDir
- - srcDir
+ with_items: exportList
 notify: "restart authentication"
 notify: "restart idmap"
 sudo: true
-
-
diff --git a/roles/nfs-client/vars/main.yml b/roles/nfs-client/vars/main.yml
index 2a7137f2..6d9a86f9 100644
--- a/roles/nfs-client/vars/main.yml
+++ b/roles/nfs-client/vars/main.yml
@@ -1,3 +1,4 @@
 ---
-srcDir: ['/mnt']
-destDir: ['/mnt/test-nfs']
+# This is a list of exports, individual entry for each mount.
+exportList:
+ - { name : '/mnt/test-nfs', src : '/mnt',fstype : 'nfs', opts : 'vers=3,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock' }
diff --git a/roles/syncExports/tasks/addExports.yml b/roles/syncExports/tasks/addExports.yml
index fb08d1ac..d5bb1115 100644
--- a/roles/syncExports/tasks/addExports.yml
+++ b/roles/syncExports/tasks/addExports.yml
@@ -4,3 +4,8 @@
 template: src=exports.j2 dest=/etc/exports owner=root group=root mode=644
 delegate_to: "{{ nfs_server }}"
 run_once: true
+-
+ name : Restart the NFS Server
+ service: name=nfs state=restarted
+ delegate_to: "{{ nfs_server }}"
+ run_once: true
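Review bot: In roles/nfs-client/tasks/mountFileSystem.yml the mount line now requires every `exportList` entry to carry `fstype` and `opts`, which leaves the role defaults `nfs_type` and `nfs_options` unused and makes an entry without those keys fail on an undefined variable. Writing `fstype={{ item.fstype | default(nfs_type) }} opts={{ item.opts | default(nfs_options) }}` keeps the defaults as a fallback. The task also still carries two `notify:` keys; with duplicate mapping keys most loaders keep only the last one, so "restart authentication" is probably never notified. A single `notify:` holding both handler names as a list avoids that.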
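Review bot: The `opts` string in the new `exportList` entry of roles/nfs-client/vars/main.yml repeats the value of `nfs_options` from the role defaults and carries neither `nosuid` nor `nodev`, so set-uid files and device nodes that end up on the share would be honoured on every client that mounts it. `root_squash` in the exports template limits what a remote root can create, but it is not a substitute for the client-side options. Consider `opts : 'vers=3,nosuid,nodev,noatime,rsize=16384,wsize=16384,hard,intr,tcp,nolock'`. A block-style entry with one key per line would also diff better than the one-line flow mapping with its uneven spacing around `:` and `,`.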
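Review bot: The task added in roles/syncExports/tasks/addExports.yml restarts the NFS service on every run, whether or not /etc/exports changed, which interrupts clients holding `hard` mounts. Tie it to the template result instead: add `register: exports_file` to the template task and `when: exports_file.changed` to this one, or move the restart into a handler that the template task notifies. The service name `nfs` is distribution-specific, so confirm it matches the server's init scripts. The template task begins above the hunk.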
diff --git a/roles/syncExports/templates/exports.j2 b/roles/syncExports/templates/exports.j2
index 2949f722..ab59cf68 100644
--- a/roles/syncExports/templates/exports.j2
+++ b/roles/syncExports/templates/exports.j2
@@ -1,4 +1,4 @@
-{% for src in srcDir %}
-{{ src }} {% for node in groups['openvpn-clients'] %}{% for ip in hostvars[node]['ansible_all_ipv4_addresses'] %}{{ ip }}(rw,sync,root_squash) {% endfor %}{% endfor %}
+{% for export in exportList %}
+{{ export.src }} {% for group_name in group_list %}{% for node in groups[group_name] %}{% for interface_name in interface_list %}{{ hostvars[node]['ansible_'+interface_name]['ipv4']['address'] }}(rw,sync,root_squash) {% endfor %}{% endfor %}{% endfor %}
 {% endfor %}
-- 
GitLab
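Review bot: The new lookup `hostvars[node]['ansible_'+interface_name]['ipv4']['address']` assumes every host in every listed group has facts for every listed interface; a client whose `tun0` is not up yet, or whose facts were not gathered in this run, makes the render fail, and /etc/exports for all clients comes from this one template. Wrapping the address in `{% if hostvars[node]['ansible_'+interface_name] is defined %}…{% endif %}` skips such hosts instead. `group_list` and `interface_list` are only supplied as role parameters in installNFS.yml, so the role would benefit from defaults for them. Each emitted entry is an IP-based `rw` grant, so both lists should stay as narrow as the deployment allows.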