mirror of
https://github.com/trailofbits/algo
synced 2024-11-18 09:25:38 +00:00
25513cf925
* Refactoring, Linting and additional tests * Vultr: Undefined variable and deprecation notes fix * Travis-CI enable linters * Azure: Update python requirements * Update main.yml * Update install.sh * Add missing roles to ansible-lint * Linting for skipped roles * add .ansible-lint config
59 lines
1.4 KiB
YAML
59 lines
1.4 KiB
YAML
---
|
|
- name: Register p12 PayloadContent
|
|
shell: |
|
|
set -o pipefail
|
|
cat private/{{ item }}.p12 |
|
|
base64
|
|
register: PayloadContent
|
|
changed_when: false
|
|
args:
|
|
executable: bash
|
|
chdir: "{{ ipsec_pki_path }}"
|
|
with_items: "{{ users }}"
|
|
|
|
- name: Set facts for mobileconfigs
|
|
set_fact:
|
|
PayloadContentCA: "{{ lookup('file' , '{{ ipsec_pki_path }}/cacert.pem')|b64encode }}"
|
|
|
|
- name: Build the mobileconfigs
|
|
template:
|
|
src: mobileconfig.j2
|
|
dest: "{{ ipsec_config_path }}/apple/{{ item.0 }}.mobileconfig"
|
|
mode: 0600
|
|
with_together:
|
|
- "{{ users }}"
|
|
- "{{ PayloadContent.results }}"
|
|
no_log: True
|
|
|
|
- name: Build the client ipsec config file
|
|
template:
|
|
src: client_ipsec.conf.j2
|
|
dest: "{{ ipsec_config_path }}/manual/{{ item }}.conf"
|
|
mode: 0600
|
|
with_items:
|
|
- "{{ users }}"
|
|
|
|
- name: Build the client ipsec secret file
|
|
template:
|
|
src: client_ipsec.secrets.j2
|
|
dest: "{{ ipsec_config_path }}/manual/{{ item }}.secrets"
|
|
mode: 0600
|
|
with_items:
|
|
- "{{ users }}"
|
|
|
|
- name: Build the windows client powershell script
|
|
template:
|
|
src: client_windows.ps1.j2
|
|
dest: "{{ ipsec_config_path }}/windows/{{ item.0 }}.ps1"
|
|
mode: 0600
|
|
when: algo_windows
|
|
with_together:
|
|
- "{{ users }}"
|
|
- "{{ PayloadContent.results }}"
|
|
|
|
- name: Restrict permissions for the local private directories
|
|
file:
|
|
path: "{{ ipsec_config_path }}"
|
|
state: directory
|
|
mode: 0700
|