Merge pull request #6 from CVL-GitHub/master

Add conditional to fix multiple hosts

roles/etcHosts/defaults/main.yml

 ---
 domain: testdomain.massive.org.au
+get_groups: true
+edit_hosts: true

roles/etcHosts/tasks/main.yml

@@ -2,12 +2,14 @@
   template: dest=/tmp/groups src=groups.j2
   run_once: True
   delegate_to: 127.0.0.1
+  when: get_groups
 
 - name: make hosts data
   command: ./scripts/makehosts.py /tmp/groups {{ domain }}
   delegate_to: 127.0.0.1
   run_once: True
   register: hosts_data
+  when: edit_hosts
                
 - name: write hosts file
   lineinfile:
@@ -17,3 +19,5 @@
     state: present
   sudo: true
   with_items: hosts_data.stdout_lines
+  when: edit_hosts
+

templates/easy-rsa/vars.j2

+# easy-rsa parameter settings
+
+# NOTE: If you installed from an RPM,
+# don't edit this file in place in
+# /usr/share/openvpn/easy-rsa --
+# instead, you should copy the whole
+# easy-rsa directory to another location
+# (such as /etc/openvpn) so that your
+# edits will not be wiped out by a future
+# OpenVPN package upgrade.
+
+# This variable should point to
+# the top level of the easy-rsa
+# tree.
+export EASY_RSA="/etc/easy-rsa/2.0"
+
+#
+# This variable should point to
+# the requested executables
+#
+export OPENSSL="openssl"
+export PKCS11TOOL="pkcs11-tool"
+export GREP="grep"
+
+
+# This variable should point to
+# the openssl.cnf file included
+# with easy-rsa.
+export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
+
+# Edit this variable to point to
+# your soon-to-be-created key
+# directory.
+#
+# WARNING: clean-all will do
+# a rm -rf on this directory
+# so make sure you define
+# it correctly!
+export KEY_DIR="$EASY_RSA/keys"
+
+# Issue rm -rf warning
+echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
+
+# PKCS11 fixes
+export PKCS11_MODULE_PATH="dummy"
+export PKCS11_PIN="dummy"
+
+# Increase this to 2048 if you
+# are paranoid.  This will slow
+# down TLS negotiation performance
+# as well as the one-time DH parms
+# generation process.
+export KEY_SIZE=512
+
+# In how many days should the root CA key expire?
+export CA_EXPIRE=3650
+
+# In how many days should certificates expire?
+export KEY_EXPIRE=3650
+
+# These are the default values for fields
+# which will be placed in the certificate.
+# Don't leave any of these fields blank.
+export KEY_COUNTRY={{ countryName }}
+export KEY_PROVINCE={{ reginalName }} 
+export KEY_CITY={{ cityName }} 
+export KEY_ORG={{ organizationName }} 
+export KEY_EMAIL={{ emailAddress }} 
+export KEY_OU={{ organizationUnit }}
+
+# X509 Subject Field
+export KEY_NAME="EasyRSA"
+
+# PKCS11 Smart Card
+# export PKCS11_MODULE_PATH="/usr/lib/changeme.so"
+# export PKCS11_PIN=1234
+
+# If you'd like to sign all keys with the same Common Name, uncomment the KEY_CN export below
+# You will also need to make sure your OpenVPN server config has the duplicate-cn option set
+# export KEY_CN="CommonName"