From 397c71c698225801b6a48e264bd5bf07a022201e Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 9 May 2019 18:43:39 -0400 Subject: [PATCH] /usr/bin/iiab-handle is deprecated, but tightened up just in case --- roles/openvpn/templates/iiab-handle.j2 | 45 ++++++++++++++++++++------ 1 file changed, 35 insertions(+), 10 deletions(-) diff --git a/roles/openvpn/templates/iiab-handle.j2 b/roles/openvpn/templates/iiab-handle.j2 index 7eb842b45..43543f08f 100755 --- a/roles/openvpn/templates/iiab-handle.j2 +++ b/roles/openvpn/templates/iiab-handle.j2 @@ -1,20 +1,45 @@ #!/bin/bash -# DEPRECATED interactive script (over)writes /etc/iiab/openvpn_handle file, identifying client to server -echo -e '\nCORRECT METHOD: CHANGE VARIABLE openvpn_handle IN /etc/iiab/local_vars.yml' -echo -e 'THEN RUN "cd /opt/iiab/iiab" THEN "./runrole openvpn"\n' -echo -e "Or, for a temporary solution until the next time Ansible is run," -read -p "what OpenVPN handle do you want to use? " ans +echo -e '\n\nDEPRECATED:\n' + +echo -e 'This interactive script TEMPORARILY (over)writes /etc/iiab/openvpn_handle' +echo -e 'to identifying client to server, until the next time Ansible runs.\n\n' + + +echo -e 'PLEASE USE THIS NEW METHOD INSTEAD:\n' + +echo -e 'cd /opt/iiab/iiab' +echo -e 'sudo ./install-support\n\n' + + +#echo -e 'CORRECT METHOD: CHANGE VARIABLE openvpn_handle IN /etc/iiab/local_vars.yml' +#echo -e 'THEN RUN "cd /opt/iiab/iiab" THEN "./runrole openvpn"\n' + +echo -e 'PLEASE NOW TYPE CTRL-C TO QUIT. Or, if you really want it temporary until the' +read -p 'next time Ansible is run, what OpenVPN handle do you want? ' ans echo -if [ "$ans" == "" ]; then - if [ -f /etc/iiab/openvpn_handle ]; then - rm -f /etc/iiab/openvpn_handle - fi -else + +if [ "$ans" != "" ]; then echo $ans > /etc/iiab/openvpn_handle + echo -e "\nYour machine's openvpn_handle is TEMPORARILY now set... \n" +else + echo -e "\nWARNING: your machine's openvpn_handle remains unchanged...\n" fi + +echo -e "Restarting OpenVPN daemon...\n\n" + +# 2019-05-09: removing /etc/iiab/openvpn_handle (or setting it to "") are both very bad practices +#if [ "$ans" == "" ]; then +# if [ -f /etc/iiab/openvpn_handle ]; then +# rm -f /etc/iiab/openvpn_handle +# fi +#else +# echo $ans > /etc/iiab/openvpn_handle +#fi + + {{ systemctl_program }} restart openvpn@xscenet # This would also work: (but would bounce all VPN connections, if others exist, causing unnec disruption if so) #{{ systemctl_program }} restart openvpn