handle poor old rhel6

2017-05-14 21:51:47 +00:00 · 2017-05-14 21:51:47 +00:00 · 714506a905
commit 714506a905
parent f400f56c6b
2 changed files with 44 additions and 6 deletions
--- a/roles/openvpn/base/tasks/main.yml
+++ b/roles/openvpn/base/tasks/main.yml
@ -7,7 +7,7 @@
  - openvpn
  tags:
  - packages
-  when: ansible_distribution_major_version|int < 22
+  when: ansible_distribution_major_version|int < 7

 - name: Install needed package (dnf)
  dnf: pkg={{ item }} state=present
@ -15,9 +15,22 @@
  - openvpn
  tags:
  - packages
-  when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 7 and ansible_cmdline.ostree is not defined

- name: Install certificate and key
+- name: Install certificate and key (rhel6)
+  copy: src={{ private }}/files/vpn/openvpn/keys/ca.crt
+        dest=/etc/openvpn/ca.crt
+        owner=root group=root mode=0600
+  tags:
+  - install
+  - openvpn
+  #notify:
+  #- restart openvpn (Fedora)
+  #- restart openvpn (RHEL7)
+  #- restart openvpn (RHEL6)
+  when: ansible_distribution_major_version|int < 7
+
+- name: Install certificate and key (rhel7 or fedora)
  copy: src={{ private }}/files/vpn/openvpn/keys/ca.crt
        dest=/etc/openvpn/client/ca.crt
        owner=root group=root mode=0600
@ -28,6 +41,7 @@
  #- restart openvpn (Fedora)
  #- restart openvpn (RHEL7)
  #- restart openvpn (RHEL6)
+  when: ansible_distribution_major_version|int > 7 and ansible_cmdline.ostree is not defined

 - name: install fix-routes.sh script
  copy: src=fix-routes.sh
--- a/roles/openvpn/client/tasks/main.yml
+++ b/roles/openvpn/client/tasks/main.yml
@ -8,7 +8,7 @@
  tags:
  - packages
  - openvpn
-  when: ansible_distribution_major_version|int < 22
+  when: ansible_distribution_major_version|int < 8

 - name: Install needed packages
  dnf: pkg={{ item }} state=present
@ -17,9 +17,9 @@
  tags:
  - packages
  - openvpn
-  when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 6 and ansible_cmdline.ostree is not defined

- name: Install configuration files
+- name: Install configuration files (rhel7 and fedora)
  copy: src={{ item.file }}
        dest={{ item.dest }}
        owner=root group=root mode={{ item.mode }}
@ -40,6 +40,30 @@
 #  - restart openvpn (Fedora)
 #  - restart openvpn (RHEL7)
 #  - restart openvpn (RHEL6)
+  when: ansible_distribution_major_version|int > 6 and ansible_cmdline.ostree is not defined
+
+- name: Install configuration files (rhel6)
+  copy: src={{ item.file }}
+        dest={{ item.dest }}
+        owner=root group=root mode={{ item.mode }}
+  with_items:
+  - { file: client.conf,
+      dest: /etc/openvpn/openvpn.conf,
+      mode: '0644' }
+  - { file: "{{ private }}/files/vpn/openvpn/keys/{{ inventory_hostname }}.crt",
+      dest: "/etc/openvpn/client.crt",
+      mode: '0600' }
+  - { file: "{{ private }}/files/vpn/openvpn/keys/{{ inventory_hostname }}.key",
+      dest: "/etc/openvpn/client.key",
+      mode: '0600' }
+  tags:
+  - install
+  - openvpn
+#  notify:
+#  - restart openvpn (Fedora)
+#  - restart openvpn (RHEL7)
+#  - restart openvpn (RHEL6)
+  when: ansible_distribution_major_version|int < 7 and ansible_cmdline.ostree is not defined

 - name: enable openvpn service for rhel 6
  service: name=openvpn state=started enabled=true