ansible-ffibk/roles/service-tinc/tasks/main.yml
Tobias Hachmer a2104ddcc5 Role service-tinc: fix handling of systemd unit
* remove init script if present
* nets.boot not necessary with new systemd unit
* update systemd tasks to use systemd unit tinc@
* update handler
2017-12-29 14:27:52 +01:00


---
# Make sure the tinc VPN daemon is installed through the host's package
# manager. The package list is looped over so more entries can be added.
- name: install tinc packages
  package:
    name: '{{ item }}'
    state: present
  with_items:
    - tinc
# Initial checkout of the ICVPN repository into the tinc network directory.
# With update disabled, an already existing checkout is left as it is.
# NOTE(review): "master" is a moving ref, and a script from this checkout is
# later installed as a git hook. Consider pinning a reviewed commit and
# confirm that icvpn.icvpn_repo is a trusted, authenticated URL.
- name: clone icvpn repo
  git:
    repo: '{{ icvpn.icvpn_repo }}'
    dest: '/etc/tinc/{{ icvpn.interface }}'
    version: master
    update: false
# Recursively hand the whole tinc network directory to admin:admin.
# NOTE(review): this makes every file below the path, including the ones the
# tinc daemon reads or executes, modifiable by the admin account. Confirm
# that this account is meant to be trusted to that degree.
- name: set directory permissions
  file:
    path: '/etc/tinc/{{ icvpn.interface }}'
    state: directory
    owner: admin
    group: admin
    recurse: true
# Read the metanodes file from the checkout and keep the command result in
# the "metanodes" variable. The task only reads, so it never reports a change.
# NOTE(review): the file content comes from the cloned repository; treat it
# as external input wherever the registered value is used.
- name: register metanodes
  command: 'cat /etc/tinc/{{ icvpn.interface }}/metanodes'
  register: metanodes
  changed_when: false
# Copy the post-merge script shipped in the checkout into the repository's
# git hooks directory. remote_src means the source file is taken from the
# managed host, not from the control machine. The copy is made executable.
# NOTE(review): the hook content is whatever the cloned repository provides,
# and it presumably runs with the rights of the user who merges or pulls in
# this directory. Review the script before enabling it.
- name: enable freifunk/icvpn post-merge script
  copy:
    remote_src: true
    src: '/etc/tinc/{{ icvpn.interface }}/scripts/post-merge'
    dest: '/etc/tinc/{{ icvpn.interface }}/.git/hooks/'
    owner: admin
    group: admin
    # Quoted so the mode is always read as an octal string.
    mode: '0755'
# Render the main tinc configuration for this network from tinc.conf.j2 and
# restart the tinc unit through the handler whenever the file changes.
# NOTE(review): mode 0664 leaves the daemon configuration writable by the
# admin group. Confirm that group write access is really needed.
- name: write tinc.conf
  template:
    src: tinc.conf.j2
    dest: '/etc/tinc/{{ icvpn.interface }}/tinc.conf'
    # Quoted so the mode is always read as an octal string.
    mode: '0664'
    owner: admin
    group: admin
  notify: restart systemd unit tinc
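# Render the tinc-up hook script from tinc-up.j2 and restart the tinc unit
# through the handler whenever the file changes.
# The script is executed by the tinc daemon (presumably as root under the
# tinc@ system unit; confirm), so it must not be group-writable. The mode is
# tightened from 0775 to 0755.
# NOTE(review): the file is still owned by the non-root admin account, which
# can therefore change what the daemon executes. Consider root ownership if
# the admin-owned checkout workflow allows it.
- name: write tinc-up hook script
  template:
    src: tinc-up.j2
    dest: '/etc/tinc/{{ icvpn.interface }}/tinc-up'
    mode: '0755'
    owner: admin
    group: admin
  notify: restart systemd unit tinc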
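# Render the tinc-down hook script from tinc-down.j2 and restart the tinc
# unit through the handler whenever the file changes.
# The script is executed by the tinc daemon (presumably as root under the
# tinc@ system unit; confirm), so it must not be group-writable. The mode is
# tightened from 0775 to 0755.
# NOTE(review): the file is still owned by the non-root admin account, which
# can therefore change what the daemon executes. Consider root ownership if
# the admin-owned checkout workflow allows it.
- name: write tinc-down hook script
  template:
    src: tinc-down.j2
    dest: '/etc/tinc/{{ icvpn.interface }}/tinc-down'
    mode: '0755'
    owner: admin
    group: admin
  notify: restart systemd unit tinc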
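# Render the node's RSA private key from rsa_key.priv.j2, readable by its
# owner only, and restart the tinc unit through the handler on change.
# no_log keeps the key material out of task output, for example when the
# play runs with --diff or high verbosity. It also hides error details for
# this task, so drop it temporarily when debugging.
# NOTE(review): the template presumably expands a secret variable. Confirm
# that it is stored encrypted (e.g. Ansible Vault) and not in plain text.
- name: write tinc private key
  template:
    src: rsa_key.priv.j2
    dest: '/etc/tinc/{{ icvpn.interface }}/rsa_key.priv'
    # Quoted so the mode is always read as an octal string.
    mode: '0600'
    owner: admin
    group: admin
  no_log: true
  notify: restart systemd unit tinc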
# Delete the legacy SysV init script so that only the systemd unit manages
# tinc. The handler reloads systemd when the file was actually removed.
- name: remove tinc init file if present
  file:
    state: absent
    path: /etc/init.d/tinc
  notify: reload systemd
# Enable the templated tinc@<interface> unit at boot and make sure it is
# running now.
- name: configure systemd unit tinc
  systemd:
    name: 'tinc@{{ icvpn.interface }}'
    state: started
    enabled: true