From 7085a594fcfd4b66ea8c98ad1a2e70ec540bfefd Mon Sep 17 00:00:00 2001 From: Evgeniy Ivanov Date: Thu, 18 Aug 2016 11:16:22 +0300 Subject: [PATCH] p12 moved into playbooks --- algo | 16 +++------------- digitalocean.yml | 5 +++++ ec2.yml | 5 +++++ gce.yml | 5 +++++ non-cloud.yml | 6 ++++++ roles/cloud-digitalocean/tasks/main.yml | 1 + roles/cloud-ec2/tasks/main.yml | 1 + roles/cloud-gce/tasks/main.yml | 1 + users.yml | 6 ++++++ 9 files changed, 33 insertions(+), 13 deletions(-) diff --git a/algo b/algo index 769c6b3..b6f096f 100755 --- a/algo +++ b/algo @@ -1,12 +1,5 @@ #!/bin/sh -p12_export_password () { - echo -n " -Enter the password for p12 certificates (default: vpn): -: " - read -s P - P=${P:-vpn} -} algo_provisioning () { echo -n " @@ -29,14 +22,11 @@ Enter the number of your desired provider *) exit 1 ;; esac - p12_export_password - - ansible-playbook "${CLOUD}.yml" -e easyrsa_p12_export_password=${P} + ansible-playbook "${CLOUD}.yml" } - + user_management () { - p12_export_password - ansible-playbook users.yml -e easyrsa_p12_export_password=${P} + ansible-playbook users.yml } case "$1" in diff --git a/digitalocean.yml b/digitalocean.yml index 8b54fb4..f2f3d4f 100644 --- a/digitalocean.yml +++ b/digitalocean.yml @@ -58,6 +58,11 @@ prompt: "Do you want to use auditd ? (Y or N):\n" default: "Y" private: no + + - name: "easyrsa_p12_export_password" + prompt: "Enter the password for p12 certificates:\n" + default: "vpn" + private: yes roles: - cloud-digitalocean diff --git a/ec2.yml b/ec2.yml index c7018e5..f880d0f 100644 --- a/ec2.yml +++ b/ec2.yml @@ -66,6 +66,11 @@ prompt: "Do you want to use auditd ? (Y or N):\n" default: "Y" private: no + + - name: "easyrsa_p12_export_password" + prompt: "Enter the password for p12 certificates:\n" + default: "vpn" + private: yes roles: - cloud-ec2 diff --git a/gce.yml b/gce.yml index f215e43..3c8e9f7 100644 --- a/gce.yml +++ b/gce.yml @@ -62,6 +62,11 @@ prompt: "Do you want to use auditd ? (Y or N):\n" default: "Y" private: no + + - name: "easyrsa_p12_export_password" + prompt: "Enter the password for p12 certificates:\n" + default: "vpn" + private: yes roles: - cloud-gce diff --git a/non-cloud.yml b/non-cloud.yml index b53ece7..573f7fe 100644 --- a/non-cloud.yml +++ b/non-cloud.yml @@ -22,6 +22,11 @@ prompt: "Do you want to use auditd ? (Y or N):\n" default: "Y" private: no + + - name: "easyrsa_p12_export_password" + prompt: "Enter the password for p12 certificates:\n" + default: "vpn" + private: yes tasks: - name: Add the server to the vpn-host group @@ -32,6 +37,7 @@ ansible_python_interpreter: "/usr/bin/python2.7" dns_enabled: "{{ dns_enabled }}" auditd_enabled: " {{ auditd_enabled }}" + easyrsa_p12_export_password: "{{ easyrsa_p12_export_password }}" - name: Wait for SSH to become available local_action: "wait_for port=22 host={{ server_ip }} timeout=320" diff --git a/roles/cloud-digitalocean/tasks/main.yml b/roles/cloud-digitalocean/tasks/main.yml index 0fa4120..576fd61 100644 --- a/roles/cloud-digitalocean/tasks/main.yml +++ b/roles/cloud-digitalocean/tasks/main.yml @@ -33,6 +33,7 @@ do_droplet_id: "{{ do.droplet.id }}" dns_enabled: "{{ dns_enabled }}" auditd_enabled: " {{ auditd_enabled }}" + easyrsa_p12_export_password: "{{ easyrsa_p12_export_password }}" - name: Wait for SSH to become available local_action: "wait_for port=22 host={{ do.droplet.ip_address }} timeout=320" diff --git a/roles/cloud-ec2/tasks/main.yml b/roles/cloud-ec2/tasks/main.yml index 75bd4f2..3c067cc 100644 --- a/roles/cloud-ec2/tasks/main.yml +++ b/roles/cloud-ec2/tasks/main.yml @@ -71,6 +71,7 @@ ansible_python_interpreter: "/usr/bin/python2.7" dns_enabled: "{{ dns_enabled }}" auditd_enabled: " {{ auditd_enabled }}" + easyrsa_p12_export_password: "{{ easyrsa_p12_export_password }}" with_items: "{{ ec2.instances }}" - name: Wait for SSH to become available diff --git a/roles/cloud-gce/tasks/main.yml b/roles/cloud-gce/tasks/main.yml index 62f5540..72b1abf 100644 --- a/roles/cloud-gce/tasks/main.yml +++ b/roles/cloud-gce/tasks/main.yml @@ -22,6 +22,7 @@ ansible_python_interpreter: "/usr/bin/python2.7" dns_enabled: "{{ dns_enabled }}" auditd_enabled: " {{ auditd_enabled }}" + easyrsa_p12_export_password: "{{ easyrsa_p12_export_password }}" - name: Firewall configured local_action: diff --git a/users.yml b/users.yml index a7489c0..80f0998 100644 --- a/users.yml +++ b/users.yml @@ -14,6 +14,11 @@ prompt: "What user should we use to login on the server?:\n" default: "root" private: no + + - name: "easyrsa_p12_export_password" + prompt: "Enter the password for p12 certificates:\n" + default: "vpn" + private: yes tasks: - name: Add the server to the vpn-host group @@ -22,6 +27,7 @@ groupname: vpn-host ansible_ssh_user: "{{ server_user }}" ansible_python_interpreter: "/usr/bin/python2.7" + easyrsa_p12_export_password: "{{ easyrsa_p12_export_password }}" - name: Wait for SSH to become available local_action: "wait_for port=22 host={{ server_ip }} timeout=320"