Gitiles
Code Review Sign In
gerrit.opencord.org / xos / a9a999dd89a5d471cc4c1ce14ad62fbad6788886 / . / xos / synchronizers / vpn / steps / sync_vpntenant.yaml
blob: 1b9f33889d0c473ca79c4a4fb5f09e7315dcb342 [file] [log] [blame]
Jeremy Mowery0d693d32015-12-04 13:50:05 -0700[diff] [blame]1---
2- hosts: {{ instance_name }}
3 gather_facts: False
4 connection: ssh
5 user: ubuntu
6 sudo: yes
Jeremy Mowery9a7ac292016-01-07 15:00:07 -0700[diff] [blame]7 vars:
Jeremy Moweryfd081292016-02-07 17:07:55 -0700[diff] [blame]8 server_network: {{ server_network }}
Jeremy Mowery9a7ac292016-01-07 15:00:07 -0700[diff] [blame]9 is_persistent: {{ is_persistent }}
Jeremy Moweryfd081292016-02-07 17:07:55 -0700[diff] [blame]10 vpn_subnet: {{ vpn_subnet }}
11 clients_can_see_each_other: {{ clients_can_see_each_other }}
Jeremy Mowery6d49f1a2016-03-21 17:56:25 -0700[diff] [blame]12 port_number: {{ port_number }}
13 protocol: {{ protocol }}
Jeremy Mowery9d718b52016-04-02 10:16:21 -0700[diff] [blame]14 pki_dir: {{ pki_dir }}
Jeremy Mowery9a7ac292016-01-07 15:00:07 -0700[diff] [blame]15
Jeremy Mowery0d693d32015-12-04 13:50:05 -0700[diff] [blame]16 tasks:
Jeremy Mowery8e91e872015-12-06 22:43:19 -0700[diff] [blame]17 - name: install openvpn
18 apt: name=openvpn state=present update_cache=yes
Jeremy Mowery0d693d32015-12-04 13:50:05 -0700[diff] [blame]19
Jeremy Mowerycec14012016-01-06 16:16:17 -0700[diff] [blame]20 - name: stop openvpn
Jeremy Mowery9d718b52016-04-02 10:16:21 -0700[diff] [blame]21 shell: kill -9 $(cat {{ pki_dir }}/pid) || true
Jeremy Mowerycec14012016-01-06 16:16:17 -0700[diff] [blame]22
Jeremy Mowery1bac6472016-02-11 21:13:07 -0700[diff] [blame]23 - name: make sure /opt/openvpn exists
24 file: path=/opt/openvpn state=directory
Jeremy Mowery81ec7002015-12-08 12:53:28 -0700[diff] [blame]25
Jeremy Moweryb0178f02016-02-25 14:26:12 -0700[diff] [blame]26 - name: make sure directory for this server exists
Jeremy Mowery9d718b52016-04-02 10:16:21 -0700[diff] [blame]27 file: path={{ pki_dir }} state=directory
Jeremy Moweryb0178f02016-02-25 14:26:12 -0700[diff] [blame]28
Jeremy Mowery1bac6472016-02-11 21:13:07 -0700[diff] [blame]29 - name: get server key
Jeremy Mowery9d718b52016-04-02 10:16:21 -0700[diff] [blame]30 copy: src={{ pki_dir }}/private/server.key dest={{ pki_dir }}/server.key
Jeremy Mowery0d693d32015-12-04 13:50:05 -0700[diff] [blame]31
Jeremy Mowery1bac6472016-02-11 21:13:07 -0700[diff] [blame]32 - name: get server crt
Jeremy Mowery9d718b52016-04-02 10:16:21 -0700[diff] [blame]33 copy: src={{ pki_dir }}/issued/server.crt dest={{ pki_dir }}/server.crt
Jeremy Moweryfd081292016-02-07 17:07:55 -0700[diff] [blame]34
Jeremy Mowery1bac6472016-02-11 21:13:07 -0700[diff] [blame]35 - name: get ca crt
Jeremy Mowery9d718b52016-04-02 10:16:21 -0700[diff] [blame]36 copy: src={{ pki_dir }}/ca.crt dest={{ pki_dir }}/ca.crt
Jeremy Moweryfd081292016-02-07 17:07:55 -0700[diff] [blame]37
Jeremy Mowery60d4b742016-03-27 21:55:25 -0700[diff] [blame]38 - name: get crl
Jeremy Mowery9d718b52016-04-02 10:16:21 -0700[diff] [blame]39 copy: src={{ pki_dir }}/crl.pem dest={{ pki_dir }}/crl.pem
Jeremy Mowery60d4b742016-03-27 21:55:25 -0700[diff] [blame]40
Jeremy Mowery1bac6472016-02-11 21:13:07 -0700[diff] [blame]41 - name: get dh
Jeremy Mowery968129f2016-04-13 17:26:36 -0700[diff] [blame]42 copy: src={{ pki_dir }}/dh.pem dest={{ pki_dir }}/dh.pem
Jeremy Moweryfd081292016-02-07 17:07:55 -0700[diff] [blame]43
Jeremy Mowery79c07ec2016-04-15 15:50:28 -0700[diff] [blame]44 - name: write config
45 template: src=/opt/xos/synchronizers/vpn/templates/server.conf.j2 dest={{ pki_dir }}/server.conf owner=root group=root
Jeremy Mowery3f6adcd2016-02-21 15:36:32 -0700[diff] [blame]46
Jeremy Mowery8e91e872015-12-06 22:43:19 -0700[diff] [blame]47 - name: start openvpn
Jeremy Moweryf2d72782016-04-10 15:25:14 -0700[diff] [blame]48 shell: openvpn {{ pki_dir }}/server.conf &