From 382b58ec71fa04f0be2830645d5c5d94289910f4 Mon Sep 17 00:00:00 2001
From: A Holt
Date: Mon, 3 Sep 2018 10:52:40 -0400
Subject: [PATCH 1/5] Update main.yml
---
 roles/openvpn/tasks/main.yml | 26 ++++++++------------------
 1 file changed, 8 insertions(+), 18 deletions(-)
diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml
index 9b34f45a3..b5c67c030 100644
--- a/roles/openvpn/tasks/main.yml
+++ b/roles/openvpn/tasks/main.yml
@@ -44,27 +44,17 @@
 - "tUM4hl009fbXY4Yy3bAadWL1CquVrZmKfBBWhyhz8zLD6TQ== ghunt@ip-192-168-123-123.ec2.internal$"
 - "heOMXXNU6skxdPh2fcHh0bzQcaCSQ== holt@crank$"
-- name: Create the directory for OpenVPN keys
+- name: Create 3 directories for: OpenVPN keys, scripts & up_wan
 file:
- dest: /etc/openvpn/keys
+ path: "{{ item }}"
 state: directory
 owner: root
 group: root
 mode: 0755
-
-- name: Create the directory for scripts
- file:
- dest: /etc/openvpn/scripts
- state: directory
- owner: root
- group: root
- mode: 0755
-
-# Comment out in future? Might still be relevant for CentOS but unused for ~2 years as of August 2018:
-- name: Create folder /usr/lib/iiab (not on path) for iiab executable up_wan
- file:
- path: /usr/lib/iiab
- state: directory
+ with_items:
+ - /etc/openvpn/keys
+ - /etc/openvpn/scripts
+ - /usr/lib/iiab # For executable up_wan. Comment out in future? Might still be relevant for CentOS but unused for ~2 years as of August 2018.
 - name: Configure OpenVPN (BACKS UP FILES IF CHANGED)
 template:
@@ -121,9 +111,9 @@
 template:
 src: 15-openvpn
 dest: /etc/NetworkManager/dispatcher.d/
- when: not is_debuntu
+ when: not is_debuntu # SHOULD THIS CONDITION ACT ON THE PRESENCE OF NETWORKMANAGER? e.g. some Ubuntu's use NM, others don't.
-# Was buggy & unused for ~2 years as of August 2018:
+# Was unused for ~2 years as of August 2018: (replaced by /etc/openvpn/xscenet.conf)
 #- name: Check for manually configured OpenVPN tunnel
 # stat:
 # path: /etc/openvpn/iiab-vpn.conf
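Review bot: In the first hunk (@@ -44,27 +44,17 @@) the merged `file` task applies `mode: 0755` to `/etc/openvpn/keys` as well as to the scripts and `/usr/lib/iiab` directories, so every local account can enter and list the directory that holds the VPN key material. The old per-directory task used the same mode, but now that all three paths share one set of arguments the keys directory cannot be tightened without carrying the mode per item. Whether the key files themselves are written with restrictive modes is not visible in this hunk, so 0700 on the directory is the safer default if only root has to traverse it. Quoting the modes as strings also stops the value depending on YAML's octal parsing. Note too that `/usr/lib/iiab` previously had no owner, group or mode set and is now forced to root:root 0755, which looks intended but is a behaviour change.

```yaml
  file:
    path: "{{ item.path }}"
    # … unchanged: state, owner, group …
    mode: "{{ item.mode }}"
  with_items:
    - { path: /etc/openvpn/keys, mode: "0700" }
    - { path: /etc/openvpn/scripts, mode: "0755" }
    # … keep the existing up_wan comment on this item …
    - { path: /usr/lib/iiab, mode: "0755" }
```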
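Review bot: In the second hunk (@@ -121,9 +111,9 @@) the `template` task that installs `15-openvpn` into `/etc/NetworkManager/dispatcher.d/` sets no `owner`, `group` or `mode`, so the installed file's permissions depend on the umask or on whatever file is already there. NetworkManager runs dispatcher scripts as root and skips ones that are not root-owned, executable and free of group/other write permission, so these are worth pinning explicitly: `owner: root`, `group: root`, `mode: "0755"`. On the question raised in the new comment, a `stat` of the dispatcher directory registered just before this task would probably be a more direct test than `is_debuntu`. The task's `name` line is outside the hunk.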
From 120d147ff0312ce5f4cb0d3d4544ba85a0a2eb0c Mon Sep 17 00:00:00 2001
From: A Holt
Date: Mon, 3 Sep 2018 10:53:52 -0400
Subject: [PATCH 2/5] Update main.yml
---
 roles/openvpn/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml
index b5c67c030..e77304208 100644
--- a/roles/openvpn/tasks/main.yml
+++ b/roles/openvpn/tasks/main.yml
@@ -32,7 +32,7 @@
 # being used (instead of the full key) as an abbreviated regexp for now.
 # A backslash in front of each plus sign (+) would also work.
-- name: Remove ssh public keys (if openvpn_install is False)
+- name: Remove those ssh public keys (if openvpn_install is False)
 lineinfile:
 regexp: "{{ item }}"
 path: /root/.ssh/authorized_keys
From bfda336895f4c5d1b70f78be0546e401f197b707 Mon Sep 17 00:00:00 2001
From: A Holt
Date: Mon, 3 Sep 2018 11:04:40 -0400
Subject: [PATCH 3/5] Update main.yml
---
 roles/openvpn/tasks/main.yml | 10 ----------
 1 file changed, 10 deletions(-)
diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml
index e77304208..c918e9829 100644
--- a/roles/openvpn/tasks/main.yml
+++ b/roles/openvpn/tasks/main.yml
@@ -86,16 +86,6 @@
 # Buggy & rarely used as of August 2018:
 #- { src: 'iiab-vpn.j2', dest: '/usr/bin/iiab-vpn', mode: '0755' }
-#- name: Save openvpn_handle variable into /etc/iiab/openvpn_handle (BACKS UP FILE IF CHANGED)
-# template:
-# src: openvpn_handle.j2
-# dest: /etc/iiab/openvpn_handle
-# owner: root
-# group: root
-# mode: 0644
-# backup: yes
-# when: openvpn_handle is defined
-
 # up_wan was being installed twice (also above) and was unused for ~2 years
 # as of August 2018: (see 15-openvpn below)
 #- name: Put up_wan in place (debuntu)
From b50d41171cc9a33c71353fdc12570fc0e71cc979 Mon Sep 17 00:00:00 2001
From: A Holt
Date: Mon, 3 Sep 2018 11:06:20 -0400
Subject: [PATCH 4/5] Update main.yml
---
 roles/openvpn/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml
index c918e9829..29949e906 100644
--- a/roles/openvpn/tasks/main.yml
+++ b/roles/openvpn/tasks/main.yml
@@ -44,7 +44,7 @@
 - "tUM4hl009fbXY4Yy3bAadWL1CquVrZmKfBBWhyhz8zLD6TQ== ghunt@ip-192-168-123-123.ec2.internal$"
 - "heOMXXNU6skxdPh2fcHh0bzQcaCSQ== holt@crank$"
-- name: Create 3 directories for: OpenVPN keys, scripts & up_wan
+- name: "Create 3 directories for: OpenVPN keys, scripts & up_wan"
 file:
 path: "{{ item }}"
 state: directory
From cee02d2d9b698c2c5e0a8de1decdd7fa8b06b60a Mon Sep 17 00:00:00 2001
From: A Holt
Date: Mon, 3 Sep 2018 11:12:59 -0400
Subject: [PATCH 5/5] Update main.yml
---
 roles/openvpn/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml
index 29949e906..a141dea47 100644
--- a/roles/openvpn/tasks/main.yml
+++ b/roles/openvpn/tasks/main.yml
@@ -103,7 +103,7 @@
 dest: /etc/NetworkManager/dispatcher.d/
 when: not is_debuntu # SHOULD THIS CONDITION ACT ON THE PRESENCE OF NETWORKMANAGER? e.g. some Ubuntu's use NM, others don't.
-# Was unused for ~2 years as of August 2018: (replaced by /etc/openvpn/xscenet.conf)
+# Was obsolete/unused for ~2 years as of August 2018: (replaced by /etc/openvpn/xscenet.conf)
 #- name: Check for manually configured OpenVPN tunnel
 # stat:
 # path: /etc/openvpn/iiab-vpn.conf