Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

handle poor old rhel6

Browse source
This commit is contained in:
Kevin Fenzi 2017-05-14 21:51:47 +00:00
parent f400f56c6b
commit 714506a905
2 changed files with 44 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

20
roles/openvpn/base/tasks/main.yml
View file

@ -7,7 +7,7 @@
- openvpn - openvpn
tags: tags:
- packages - packages
when: ansible_distribution_major_version|int < 22 when: ansible_distribution_major_version|int < 7
- name: Install needed package (dnf) - name: Install needed package (dnf)
dnf: pkg={{ item }} state=present dnf: pkg={{ item }} state=present
@ -15,9 +15,22 @@
- openvpn - openvpn
tags: tags:
- packages - packages
when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not defined when: ansible_distribution_major_version|int > 7 and ansible_cmdline.ostree is not defined
- name: Install certificate and key - name: Install certificate and key (rhel6)
copy: src={{ private }}/files/vpn/openvpn/keys/ca.crt
dest=/etc/openvpn/ca.crt
owner=root group=root mode=0600
tags:
- install
- openvpn
#notify:
#- restart openvpn (Fedora)
#- restart openvpn (RHEL7)
#- restart openvpn (RHEL6)
when: ansible_distribution_major_version|int < 7
- name: Install certificate and key (rhel7 or fedora)
copy: src={{ private }}/files/vpn/openvpn/keys/ca.crt copy: src={{ private }}/files/vpn/openvpn/keys/ca.crt
dest=/etc/openvpn/client/ca.crt dest=/etc/openvpn/client/ca.crt
owner=root group=root mode=0600 owner=root group=root mode=0600
@ -28,6 +41,7 @@
#- restart openvpn (Fedora) #- restart openvpn (Fedora)
#- restart openvpn (RHEL7) #- restart openvpn (RHEL7)
#- restart openvpn (RHEL6) #- restart openvpn (RHEL6)
when: ansible_distribution_major_version|int > 7 and ansible_cmdline.ostree is not defined
- name: install fix-routes.sh script - name: install fix-routes.sh script
copy: src=fix-routes.sh copy: src=fix-routes.sh

30
roles/openvpn/client/tasks/main.yml
View file

@ -8,7 +8,7 @@
tags: tags:
- packages - packages
- openvpn - openvpn
when: ansible_distribution_major_version|int < 22 when: ansible_distribution_major_version|int < 8
- name: Install needed packages - name: Install needed packages
dnf: pkg={{ item }} state=present dnf: pkg={{ item }} state=present
@ -17,9 +17,9 @@
tags: tags:
- packages - packages
- openvpn - openvpn
when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not defined when: ansible_distribution_major_version|int > 6 and ansible_cmdline.ostree is not defined
- name: Install configuration files - name: Install configuration files (rhel7 and fedora)
copy: src={{ item.file }} copy: src={{ item.file }}
dest={{ item.dest }} dest={{ item.dest }}
owner=root group=root mode={{ item.mode }} owner=root group=root mode={{ item.mode }}
@ -40,6 +40,30 @@
# - restart openvpn (Fedora) # - restart openvpn (Fedora)
# - restart openvpn (RHEL7) # - restart openvpn (RHEL7)
# - restart openvpn (RHEL6) # - restart openvpn (RHEL6)
when: ansible_distribution_major_version|int > 6 and ansible_cmdline.ostree is not defined
- name: Install configuration files (rhel6)
copy: src={{ item.file }}
dest={{ item.dest }}
owner=root group=root mode={{ item.mode }}
with_items:
- { file: client.conf,
dest: /etc/openvpn/openvpn.conf,
mode: '0644' }
- { file: "{{ private }}/files/vpn/openvpn/keys/{{ inventory_hostname }}.crt",
dest: "/etc/openvpn/client.crt",
mode: '0600' }
- { file: "{{ private }}/files/vpn/openvpn/keys/{{ inventory_hostname }}.key",
dest: "/etc/openvpn/client.key",
mode: '0600' }
tags:
- install
- openvpn
# notify:
# - restart openvpn (Fedora)
# - restart openvpn (RHEL7)
# - restart openvpn (RHEL6)
when: ansible_distribution_major_version|int < 7 and ansible_cmdline.ostree is not defined
- name: enable openvpn service for rhel 6 - name: enable openvpn service for rhel 6
service: name=openvpn state=started enabled=true service: name=openvpn state=started enabled=true