From 714506a90593d261f27c0ab985275354cbef8a11 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Sun, 14 May 2017 21:51:47 +0000 Subject: [PATCH] handle poor old rhel6 --- roles/openvpn/base/tasks/main.yml | 20 ++++++++++++++++--- roles/openvpn/client/tasks/main.yml | 30 ++++++++++++++++++++++++++--- 2 files changed, 44 insertions(+), 6 deletions(-) diff --git a/roles/openvpn/base/tasks/main.yml b/roles/openvpn/base/tasks/main.yml index 5e5271a58a..fcf43a7a0b 100644 --- a/roles/openvpn/base/tasks/main.yml +++ b/roles/openvpn/base/tasks/main.yml @@ -7,7 +7,7 @@ - openvpn tags: - packages - when: ansible_distribution_major_version|int < 22 + when: ansible_distribution_major_version|int < 7 - name: Install needed package (dnf) dnf: pkg={{ item }} state=present @@ -15,9 +15,22 @@ - openvpn tags: - packages - when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not defined + when: ansible_distribution_major_version|int > 7 and ansible_cmdline.ostree is not defined -- name: Install certificate and key +- name: Install certificate and key (rhel6) + copy: src={{ private }}/files/vpn/openvpn/keys/ca.crt + dest=/etc/openvpn/ca.crt + owner=root group=root mode=0600 + tags: + - install + - openvpn + #notify: + #- restart openvpn (Fedora) + #- restart openvpn (RHEL7) + #- restart openvpn (RHEL6) + when: ansible_distribution_major_version|int < 7 + +- name: Install certificate and key (rhel7 or fedora) copy: src={{ private }}/files/vpn/openvpn/keys/ca.crt dest=/etc/openvpn/client/ca.crt owner=root group=root mode=0600 @@ -28,6 +41,7 @@ #- restart openvpn (Fedora) #- restart openvpn (RHEL7) #- restart openvpn (RHEL6) + when: ansible_distribution_major_version|int > 7 and ansible_cmdline.ostree is not defined - name: install fix-routes.sh script copy: src=fix-routes.sh diff --git a/roles/openvpn/client/tasks/main.yml b/roles/openvpn/client/tasks/main.yml index 4ff948537a..7bdcfe2c42 100644 --- a/roles/openvpn/client/tasks/main.yml +++ b/roles/openvpn/client/tasks/main.yml @@ -8,7 +8,7 @@ tags: - packages - openvpn - when: ansible_distribution_major_version|int < 22 + when: ansible_distribution_major_version|int < 8 - name: Install needed packages dnf: pkg={{ item }} state=present @@ -17,9 +17,9 @@ tags: - packages - openvpn - when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not defined + when: ansible_distribution_major_version|int > 6 and ansible_cmdline.ostree is not defined -- name: Install configuration files +- name: Install configuration files (rhel7 and fedora) copy: src={{ item.file }} dest={{ item.dest }} owner=root group=root mode={{ item.mode }} @@ -40,6 +40,30 @@ # - restart openvpn (Fedora) # - restart openvpn (RHEL7) # - restart openvpn (RHEL6) + when: ansible_distribution_major_version|int > 6 and ansible_cmdline.ostree is not defined + +- name: Install configuration files (rhel6) + copy: src={{ item.file }} + dest={{ item.dest }} + owner=root group=root mode={{ item.mode }} + with_items: + - { file: client.conf, + dest: /etc/openvpn/openvpn.conf, + mode: '0644' } + - { file: "{{ private }}/files/vpn/openvpn/keys/{{ inventory_hostname }}.crt", + dest: "/etc/openvpn/client.crt", + mode: '0600' } + - { file: "{{ private }}/files/vpn/openvpn/keys/{{ inventory_hostname }}.key", + dest: "/etc/openvpn/client.key", + mode: '0600' } + tags: + - install + - openvpn +# notify: +# - restart openvpn (Fedora) +# - restart openvpn (RHEL7) +# - restart openvpn (RHEL6) + when: ansible_distribution_major_version|int < 7 and ansible_cmdline.ostree is not defined - name: enable openvpn service for rhel 6 service: name=openvpn state=started enabled=true