Skip to content
Snippets Groups Projects
Commit 3cf7ebcf authored by Chris Hines's avatar Chris Hines
Browse files

updates to the easy-rsa roles to make them work on debian (for karaage installation)

parent 96fa1f40
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
roles/OpenVPN-Server/vars/main.yml
+ 1
1
View file @ 3cf7ebcf
--- ---
x509_csr_args: "--server" x509_csr_args: "--server"
x509_cacert_file: "/etc/ssl/certs/cacert.pem" x509_cacert_file: "/etc/ssl/certs/ca.crt"
x509_key_file: "/etc/ssl/private/server.key" x509_key_file: "/etc/ssl/private/server.key"
x509_cert_file: "/etc/ssl/certs/server.pem" x509_cert_file: "/etc/ssl/certs/server.pem"
x509_common_name: "{{ ansible_fqdn }}_OpenVPN_Server" x509_common_name: "{{ ansible_fqdn }}_OpenVPN_Server"
......
roles/easy-rsa-certificate/tasks/buildCert.yml
+ 2
2
View file @ 3cf7ebcf
...@@ -39,7 +39,7 @@ ...@@ -39,7 +39,7 @@
when: needcert when: needcert
- name: "Creating CSR" - name: "Creating CSR"
shell: " cd /etc/easy-rsa/2.0; source ./vars; export EASY_RSA=\"${EASY_RSA:-.}\"; \"$EASY_RSA\"/pkitool --csr {{ x509_csr_args }} {{ x509_common_name }}" shell: " cd /etc/easy-rsa/2.0; . ./vars; export EASY_RSA=\"${EASY_RSA:-.}\"; \"$EASY_RSA\"/pkitool --csr {{ x509_csr_args }} {{ x509_common_name }}"
args: args:
creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.key" creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.key"
when: needcert when: needcert
...@@ -58,7 +58,7 @@ ...@@ -58,7 +58,7 @@
- name: "Sign Certificate" - name: "Sign Certificate"
delegate_to: "{{ x509_ca_server }}" delegate_to: "{{ x509_ca_server }}"
shell: "source ./vars; export EASY_RSA=\"${EASY_RSA:-.}\" ;\"$EASY_RSA\"/pkitool --sign {{ x509_sign_args }} {{ x509_common_name }}" shell: ". ./vars; export EASY_RSA=\"${EASY_RSA:-.}\" ;\"$EASY_RSA\"/pkitool --sign {{ x509_sign_args }} {{ x509_common_name }}"
args: args:
chdir: "/etc/easy-rsa/2.0" chdir: "/etc/easy-rsa/2.0"
creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt" creates: "/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt"
......
roles/easy-rsa-common/tasks/installEasyRsa.yml
+ 22
0
View file @ 3cf7ebcf
...@@ -3,9 +3,31 @@ ...@@ -3,9 +3,31 @@
name: "Installing easy-rsa" name: "Installing easy-rsa"
yum: "name=easy-rsa state=latest" yum: "name=easy-rsa state=latest"
sudo: True sudo: True
when: ansible_os_family == 'RedHat'
-
name: "Installing easy-rsa"
apt: "name=openvpn state=latest"
sudo: True
when: ansible_os_family == 'Debian'
- -
name: "Moving easy-rsa to /etc" name: "Moving easy-rsa to /etc"
shell: "cp -rf /usr/share/easy-rsa /etc/" shell: "cp -rf /usr/share/easy-rsa /etc/"
args: args:
creates: /etc/easy-rsa creates: /etc/easy-rsa
sudo: True sudo: True
when: ansible_os_family == 'RedHat'
-
name: "Moving easy-rsa to /etc"
shell: "cp -rf /usr/share/doc/openvpn/examples/easy-rsa /etc/"
args:
creates: /etc/easy-rsa
sudo: True
when: ansible_os_family == 'Debian'
register: installed
- name: "Clean all"
shell: " cd /etc/easy-rsa/2.0; . ./vars; export EASY_RSA=\"${EASY_RSA:-.}\"; \"$EASY_RSA\"/clean-all"
args:
creates: "/etc/easy-rsa/2.0/keys/"
when: installed|changed
sudo: true
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment