From 8ad630412f6abd082d08a628260b408d88d99b21 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <patrick@puiterwijk.org>
Date: Tue, 18 Sep 2018 05:49:15 +0200
Subject: [PATCH] Make OpenVPN use tun1 for os-node's

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
---
 roles/openvpn/client/tasks/main.yml              | 16 +++++++++++++---
 .../client/{files => templates}/client.conf      |  5 +++++
 2 files changed, 18 insertions(+), 3 deletions(-)
 rename roles/openvpn/client/{files => templates}/client.conf (70%)

diff --git a/roles/openvpn/client/tasks/main.yml b/roles/openvpn/client/tasks/main.yml
index 27c150d16a..1ed3d173b2 100644
--- a/roles/openvpn/client/tasks/main.yml
+++ b/roles/openvpn/client/tasks/main.yml
@@ -19,14 +19,24 @@
   - openvpn
   when: ansible_distribution_major_version|int > 7 and ansible_cmdline.ostree is not defined
 
+- name: Install main config file (rhel7 and fedora)
+  template: src=client.conf
+            dest=/etc/openvpn/client/openvpn.conf
+            owner=root group=root mode=0644
+  tags:
+  - install
+  - openvpn
+#  notify:
+#  - restart openvpn (Fedora)
+#  - restart openvpn (RHEL7)
+#  - restart openvpn (RHEL6)
+  when: ( ansible_distribution_major_version|int != 6 and ansible_distribution_major_version|int != 24) and ansible_cmdline.ostree is not defined
+
 - name: Install configuration files (rhel7 and fedora)
   copy: src={{ item.file }}
         dest={{ item.dest }}
         owner=root group=root mode={{ item.mode }}
   with_items:
-  - { file: client.conf,
-      dest: /etc/openvpn/client/openvpn.conf,
-      mode: '0644' }
   - { file: "{{ private }}/files/vpn/pki/issued/{{ inventory_hostname }}.crt",
       dest: "/etc/openvpn/client/client.crt",
       mode: '0600' }
diff --git a/roles/openvpn/client/files/client.conf b/roles/openvpn/client/templates/client.conf
similarity index 70%
rename from roles/openvpn/client/files/client.conf
rename to roles/openvpn/client/templates/client.conf
index 5042ed6e25..f398c9a396 100644
--- a/roles/openvpn/client/files/client.conf
+++ b/roles/openvpn/client/templates/client.conf
@@ -1,6 +1,11 @@
 client
 
+{% if hostname.startswith("os-node") %}
+# OpenShift REALLY wants tun0. Let's make sure openvpn doesn't claim it
+dev tun1
+{% else %}
 dev tun
+{% endif %}
 
 proto udp