Changed certDir to inventory hostname, added default email and ou variables for easy-rsa-CA-client

b53a6fcb · Jupiter Hu · e23e6823 · b53a6fcb · b53a6fcb · b53a6fcb
Commit b53a6fcb authored 10 years ago by Jupiter Hu
--- a/roles/OpenVPN-Client/tasks/copyCerts.yml
+++ b/roles/OpenVPN-Client/tasks/copyCerts.yml
 --- 
 - 
-  copy: "src=/tmp/certDir/ca.crt dest=/etc/openvpn/ca.crt  mode=644 owner=root group=root"
+  copy: "src=/tmp/{{ inventory_hostname }}/ca.crt dest=/etc/openvpn/ca.crt  mode=644 owner=root group=root"
  name: "Copying CA certificate"
 - 
-  copy: "src=/tmp/certDir/{{ inventory_hostname }}.crt dest=/etc/openvpn/{{ inventory_hostname }}.crt mode=644 owner=root group=root"
+  copy: "src=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.crt dest=/etc/openvpn/{{ inventory_hostname }}.crt mode=644 owner=root group=root"
  name: "Copying Client certificate"
 - 
-  copy: "src=/tmp/certDir/{{ inventory_hostname }}.key dest=/etc/openvpn/{{ inventory_hostname }}.key  mode=600 owner=root group=root"
+  copy: "src=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.key dest=/etc/openvpn/{{ inventory_hostname }}.key  mode=600 owner=root group=root"
  name: "Copying Client key"
 - 
  copy: "src=client.conf dest=/etc/openvpn/client.conf owner=root group=root mode=644"
@@ -21,6 +21,6 @@
  name: "Starting openvpn"
  service: "name=openvpn enabled=yes state=started"
 - 
-  local_action: "command rm -rf /tmp/certDir/{{ inventory_hostname }}.cert"
+  local_action: "command rm -rf /tmp/{{ inventory_hostname }}"
  name: "Removing Cert Directory"
--- a/roles/easy-rsa-CA-client/tasks/buildClientCert.yml
+++ b/roles/easy-rsa-CA-client/tasks/buildClientCert.yml
@@ -11,14 +11,14 @@
  when: "cert.stat.exists  == false"
 - 
  delegate_to: "{{ server }}"
-  fetch: "src=/etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.crt dest=/tmp/certDir/ fail_on_missing=yes validate_md5=yes flat=yes"
+  fetch: "src=/etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.crt dest=/tmp/{{ inventory_hostname }}/ fail_on_missing=yes validate_md5=yes flat=yes"
  name: "Copy the Client Certificate to the master node"
 - 
  delegate_to: "{{ server }}"
-  fetch: "src=/etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.key dest=/tmp/certDir/ fail_on_missing=yes validate_md5=yes flat=yes"
+  fetch: "src=/etc/easy-rsa/2.0/keys/{{ inventory_hostname }}.key dest=/tmp/{{ inventory_hostname }}/ fail_on_missing=yes validate_md5=yes flat=yes"
  name: "Copy the Client Certificate to the master node"
 - 
  delegate_to: "{{ server }}"
-  fetch: "src=/etc/easy-rsa/2.0/keys/ca.crt dest=/tmp/certDir/ fail_on_missing=yes validate_md5=yes flat=yes"
+  fetch: "src=/etc/easy-rsa/2.0/keys/ca.crt dest=/tmp/{{ inventory_hostname }}/ fail_on_missing=yes validate_md5=yes flat=yes"
  name: "Copy the Client Certificate to the master node"
--- a/roles/easy-rsa-CA-client/tasks/copyConfigurationFile.yml
+++ b/roles/easy-rsa-CA-client/tasks/copyConfigurationFile.yml
@@ -8,3 +8,10 @@
      - defaultConfig
    - paths:
      - /mnt/nectar-nfs/root/ansible-config-root/ansible_cluster_in_a_box/roles/easy-rsa-CA/files
+- 
+  name: "Editing key_email in config file"
+  replace: dest=/etc/easy-rsa/2.0/vars regexp="shahaan.ayyub@monash.edu" replace={{ key_email }}
+- 
+  name: "Editing key_ou in config file"
+  replace: dest=/etc/easy-rsa/2.0/vars regexp="MCC-R@CMON" replace={{ key_ou }}
--- a/roles/easy-rsa-CA-client/tasks/main.yml
+++ b/roles/easy-rsa-CA-client/tasks/main.yml
@@ -2,6 +2,6 @@
 -
  include: installEasyRsa.yml
 -
-  include: copyConfigurationFile.yml
+  include: copyConfigurationFile.yml 
 - 
  include: buildClientCert.yml