WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-27 20:12:54 +08:00
Code Issues Packages Projects Releases Wiki Activity
17,222 Commits 9 Branches 0 Tags
9523dadd164dfd82f33bbf8564d5deffc6a9ddbe
Commit Graph

41 Commits

Author SHA1 Message Date
Kevin Fenzi
215c38198e Disable openvpn client handler for now 2016-08-31 18:57:02 +00:00
Kevin Fenzi
12ed1dd6f7 Update out vpn configs for better encryption. 2016-08-31 18:50:14 +00:00
Kevin Fenzi
1c6e9a11f4 Another pile of trailing whitespace fixes 2016-08-08 19:42:36 +00:00
Tim Flink
bf03de72d0 fixing logic for openvpn package install w/dnf 2015-11-26 01:27:59 +00:00
Pierre-Yves Chibon
1c183896c8 Install the openvpn client package with dnf on F22+ 2015-11-17 15:29:29 +01:00
Patrick Uiterwijk
fe6f551049 Move fix-routes.sh to openvpn base and run it on restart 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-11-04 23:09:43 +00:00
Patrick Uiterwijk
b2b07e8bcd Running the script doesnt work yet. But we still want the script. 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-10-23 03:11:02 +00:00
Patrick Uiterwijk
50511a65e7 Make fix-routes not terminate with status 2 if it fixed it 
This will make openvpn think something went wrong and terminate the connection.
I did this to make it easily visible when running with ansible, but in this case
it messes things up.

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-10-23 02:41:01 +00:00
Patrick Uiterwijk
d5bdc65887 Add script to OpenVPN for VPN route fixing 
This will make sure that always after a start/restart the
VPN routes are created

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-10-23 02:15:43 +00:00
Patrick Uiterwijk
b1db3bafd8 Disable persist-tun for openvpn 
This should solve the issue where RHEL7 machines that get a network
hiccup need an OpenVPN restart to restore their routes.

The code is broken in the current upstream OpenVPN release, such that
it does tear down some of the routes during a ping-restart (when the
connection is dropped due to network hiccups), but the reconnection
code does not restore the routes.
I am working on an upstream patch to fix this, but in the meantime
disabling persist-tun will make sure that OpenVPN does the entire
initialization upon reconnection, which makes sure that all routes
are created.

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2015-10-21 18:26:32 +00:00
Kevin Fenzi
2873cdd427 Move all puppet_private stuff to ansible private so we can stop using puppet private. 2015-09-25 18:16:23 +00:00
Kevin Fenzi
275f4b5203 Change all instances of ansible_distribution_major_version to filter to int for comparisons. 2015-05-27 22:27:39 +00:00
Kevin Fenzi
05e35e953d This is now fixed in a systemd update in rhel7.1 so drop the workaround 2015-04-22 14:40:57 +00:00
Kevin Fenzi
fb1c3a6eeb Work around rhel 7.1 systemd template bug: https://bugzilla.redhat.com/show_bug.cgi?id=1206007 2015-03-26 13:41:48 +00:00
Kevin Fenzi
10b316d114 Does this need quotes? 2014-12-15 19:40:37 +00:00
Kevin Fenzi
1cd3cb534b Try this one. 2014-12-15 19:39:30 +00:00
Kevin Fenzi
aabdcd15d6 Split this out to see if we can debug it some. 2014-12-15 19:37:22 +00:00
Praveen Kumar
4b1e5162d7 Update state from installed/removed to present/absent for yum module as per latest documents -> http://docs.ansible.com/yum_module.html 2014-11-05 15:32:11 +00:00
Tim Flink
4cad62833a fixing typo in restart notification 2014-09-24 17:35:59 +00:00
Tim Flink
d6195c2c33 changing openvpn restart notifications to work on sysvinit and systemd style machines 2014-09-24 17:32:41 +00:00
Tim Flink
b11b5959fb newer fedora openvpn behaves more like rhel7 than rhel6 2014-09-24 13:33:31 +00:00
Ralph Bean
360c80e639 Yes. It was a typo. 2014-09-10 19:42:47 +00:00
Kevin Fenzi
b77b40ff2c Try copy here too. 2014-08-12 03:49:58 +00:00
Pierre-Yves Chibon
6142a27e19 Move back from copy to file for testing 2014-08-01 17:08:49 +02:00
Pierre-Yves Chibon
d26ae5df9f Use copy instead of file 2014-08-01 17:04:34 +02:00
Pierre-Yves Chibon
840abdfbd9 Fix mode for the .crt 2014-08-01 17:02:40 +02:00
Pierre-Yves Chibon
ecd9d72382 Try adjusting the notify handler 2014-08-01 16:52:39 +02:00
Pierre-Yves Chibon
1ed10e24fc Let's just invert dest and source 2014-08-01 16:51:34 +02:00
Pierre-Yves Chibon
b818538962 Y'all get quotes 2014-08-01 16:48:16 +02:00
Pierre-Yves Chibon
27913def24 More quotes for the handler names 2014-08-01 16:45:57 +02:00
Pierre-Yves Chibon
8de71b59e3 Tag all the openvpn tasks as 'openvpn' 2014-08-01 16:41:55 +02:00
Pierre-Yves Chibon
8a89bd9fff Fix accessing the mode 2014-08-01 16:34:21 +02:00
Pierre-Yves Chibon
8185a415d2 And we put directly the destination, no location set 2014-08-01 16:30:08 +02:00
Pierre-Yves Chibon
cf1f8dba40 What about quotes 2014-08-01 16:26:15 +02:00
Pierre-Yves Chibon
b34999e1f4 Add the logic to enable the openvpn server on EL6, EL7 and Fedora in the client and the server 2014-08-01 12:39:43 +02:00
Pierre-Yves Chibon
7f30c0fc7a Adjust the openvpn handler automatically to the distribution used 2014-08-01 12:35:11 +02:00
Pierre-Yves Chibon
92dab2a497 Clean openvpn server files that were doing nothing in the client 2014-08-01 12:31:37 +02:00
Pierre-Yves Chibon
6878e49796 Fix the files list in the openvpn/client role 2014-08-01 12:22:10 +02:00
Pierre-Yves Chibon
3aa0127662 Dependencies between roles are marked in the meta folder not the tasks one 2014-08-01 12:16:09 +02:00
Pierre-Yves Chibon
901624caea Mark the openvpn client and server as requesting the openvpn base role 2014-08-01 12:10:06 +02:00
Pierre-Yves Chibon
e5ff3b586e Start the port to ansible of openvpn 2014-07-31 22:37:58 +02:00