diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml
index 9e27f95b5..0b265238e 100644
--- a/roles/openvpn/tasks/main.yml
+++ b/roles/openvpn/tasks/main.yml
@@ -41,7 +41,7 @@
 - { src: 'client1.crt', dest: '/etc/openvpn/keys/client1.crt', mode: '0644' }
 - { src: 'client1.key', dest: '/etc/openvpn/keys/client1.key', mode: '0600' }
 - { src: 'announce', dest: '/etc/openvpn/scripts/announce', mode: '0755' }
- - { src: 'announcer', dest: '/etc/openvpn/scripts/announcer', mode: '0755' }
+ - { src: 'announcer.j2', dest: '/etc/openvpn/scripts/announcer', mode: '0755' }
 - { src: 'silence', dest: '/etc/openvpn/scripts/silence', mode: '0755' }
 - { src: 'xscenet.conf.j2', dest: '/etc/openvpn/xscenet.conf', mode: '0644' }
 - { src: 'iiab-vpn.conf.in', dest: '/etc/openvpn/iiab-vpn.conf.in', mode: '0644' }
diff --git a/roles/openvpn/templates/announcer b/roles/openvpn/templates/announcer
deleted file mode 100755
index 26de78019..000000000
--- a/roles/openvpn/templates/announcer
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/bash -x
-# small daemon to identify this machine to the openvpn server
-
-HANDLE=
-UUID=
-source /etc/iiab/iiab.env
-if [ -f /etc/iiab/openvpn_handle ]; then
- HANDLE=`cat /etc/iiab/openvpn_handle`
-fi
-# DANGEROUS AS OF AUGUST 2018:
-#if [ -z "$HANDLE" ]; then
-# HANDLE=`cat /etc/iiab/iiab.ini | gawk \
-# '{ if((toupper($1) == "HANDLE") && ($2 == "=")) { print $3;}}'`
-#fi
-if [ -f /etc/iiab/uuid ]; then
- UUID=`cat /etc/iiab/uuid`
-fi
-# start the daemon which will serve the handle on demand
-# NEXT LINE OBSOLETE? August 2018
-source /etc/init.d/functions
-SERVER=/usr/bin/ncat
-# NEXT LINE OBSOLETE? August 2018
-PID_FILE=/var/run/openvpn/announce.pid
-HANDLE=${HANDLE// /_}
-{% if is_debuntu %}
-ID=`printf "HANDLE = %s|UUID = %s|" $HANDLE $UUID`
-$SERVER -l -k -p1705 --exec "/bin/echo $ID" &
-{% else %}
-daemon --pidfile=${PID_FILE} $SERVER "-l -k -p1705 --exec \"/usr/bin/echo $(printf 'HANDLE = %s|UUID = %s' $HANDLE $UUID)\"" &
-{% endif %}
diff --git a/roles/openvpn/templates/announcer.j2 b/roles/openvpn/templates/announcer.j2
new file mode 100755
index 000000000..8580112f9
--- /dev/null
+++ b/roles/openvpn/templates/announcer.j2
@@ -0,0 +1,37 @@
+#!/bin/bash -x
+# Small daemon to identify this machine to the OpenVPN server
+
+HANDLE=
+UUID=
+if [ -f /etc/iiab/openvpn_handle ]; then
+ # Option #0: Might source directly from /etc/iiab/local_vars.yml in future
+ # Option #1
+ HANDLE=`cat /etc/iiab/openvpn_handle`
+else
+ # Option #2: Dangerous to invoke hypothetical variables :(
+ source /etc/iiab/iiab.env
+ # Option #3: CAUSED FAILURES IN AUGUST 2018, invoking stale variable from /etc/iiab/iiab.ini, but safer now that relegated to #3 ?
+ if [ -z "$HANDLE" ]; then
+ HANDLE=`cat /etc/iiab/iiab.ini | gawk \
+ '{ if((toupper($1) == "HANDLE") && ($2 == "=")) { print $3;}}'`
+ fi
+fi
+HANDLE=${HANDLE// /_}
+if [ -f /etc/iiab/uuid ]; then
+ UUID=`cat /etc/iiab/uuid`
+fi
+
+SERVER=/usr/bin/ncat
+ID=`printf "HANDLE = %s|UUID = %s" $HANDLE $UUID`
+# August 2018: Removal of trailing slash tested on Raspbian, Ubuntu 18.04 & Ubuntu 16.04
+#ID=`printf "HANDLE = %s|UUID = %s|" $HANDLE $UUID`
+
+# Start the daemon which will serve the handle on demand
+{% if is_debuntu %}
+$SERVER -l -k -p1705 --exec "/bin/echo $ID" &
+{% else %}
+source /etc/init.d/functions
+PID_FILE=/var/run/openvpn/announce.pid
+daemon --pidfile=${PID_FILE} $SERVER "-l -k -p1705 --exec \"/usr/bin/echo $ID\"" &
+#daemon --pidfile=${PID_FILE} $SERVER "-l -k -p1705 --exec \"/usr/bin/echo $(printf 'HANDLE = %s|UUID = %s' $HANDLE $UUID)\"" &
+{% endif %}
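Review bot: `$HANDLE` and `$UUID` are expanded unquoted in the `ID=` printf line of the new announcer.j2, so an empty HANDLE (no openvpn_handle file and nothing found via iiab.env or iiab.ini) drops out of the argument list and the UUID is printed in the HANDLE slot. A handle containing a tab, newline or glob character is word-split the same way, since only spaces are replaced with underscores. Quoting fixes both: `ID=$(printf 'HANDLE = %s|UUID = %s' "$HANDLE" "$UUID")`. Separately, `$SERVER -l -k -p1705` is given no listen address in either branch, so ncat accepts connections on every interface and returns the handle and UUID to any client that can reach port 1705. If only the OpenVPN server is meant to query it, bind the listener to the tunnel address or restrict the port in the firewall.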