add option to set service state
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/push Build is failing
Details
This commit is contained in:
parent
00b26b212e
commit
0a609dcc01
|
@ -2,6 +2,8 @@
|
||||||
openvpn_client_name: client
|
openvpn_client_name: client
|
||||||
openvpn_client_server: vpn.example.com
|
openvpn_client_server: vpn.example.com
|
||||||
|
|
||||||
|
openvpn_service_state: started
|
||||||
|
|
||||||
openvpn_client_packages_extra: []
|
openvpn_client_packages_extra: []
|
||||||
|
|
||||||
openvpn_client_cipher: AES-256-CBC
|
openvpn_client_cipher: AES-256-CBC
|
||||||
|
@ -9,7 +11,7 @@ openvpn_client_auth: SHA512
|
||||||
|
|
||||||
# openvpn_client_x509_name:
|
# openvpn_client_x509_name:
|
||||||
|
|
||||||
openvpn_client_ca_file: "{{ openvpn_client_name }}_ca.crt"
|
openvpn_client_ca_file: "/etc/pki/tls/certs/ca-bundle.crt"
|
||||||
# openvpn_client_ca_source:
|
# openvpn_client_ca_source:
|
||||||
|
|
||||||
openvpn_client_key_file: "{{ openvpn_client_name }}.key"
|
openvpn_client_key_file: "{{ openvpn_client_name }}.key"
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
- name: Restart openvpn client
|
- name: Restart openvpn client
|
||||||
service:
|
service:
|
||||||
name: "openvpn@{{ openvpn_client_name }}"
|
name: "openvpn@{{ openvpn_client_name }}"
|
||||||
state: restarted
|
state: "{% 'restarted' if openvpn_service_state == 'started' else 'stopped' %}"
|
||||||
enabled: yes
|
enabled: yes
|
||||||
listen: __openvpn_restart
|
listen: __openvpn_restart
|
||||||
become: True
|
become: True
|
||||||
|
|
|
@ -4,6 +4,7 @@
|
||||||
vars:
|
vars:
|
||||||
openvpn_client_packages_extra:
|
openvpn_client_packages_extra:
|
||||||
- epel-release
|
- epel-release
|
||||||
|
openvpn_service_state: stopped
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- role: "xoxys.openvpn_client"
|
- role: "xoxys.openvpn_client"
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
centos7
|
|
@ -39,7 +39,7 @@
|
||||||
- name: Ensure openvpn service is up and running
|
- name: Ensure openvpn service is up and running
|
||||||
systemd:
|
systemd:
|
||||||
name: "openvpn@{{ openvpn_client_name }}"
|
name: "openvpn@{{ openvpn_client_name }}"
|
||||||
state: started
|
state: "{{ openvpn_service_state }}"
|
||||||
enabled: yes
|
enabled: yes
|
||||||
become: True
|
become: True
|
||||||
become_user: root
|
become_user: root
|
||||||
|
|
|
@ -14,7 +14,7 @@ nobind
|
||||||
{% if openvpn_client_x509_name is defined %}
|
{% if openvpn_client_x509_name is defined %}
|
||||||
verify-x509-name "{{ openvpn_client_x509_name }}" name
|
verify-x509-name "{{ openvpn_client_x509_name }}" name
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if openvpn_client_ca_file is defined and openvpn_client_ca_source is defined %}
|
{% if openvpn_client_ca_file is defined %}
|
||||||
ca /etc/openvpn/certs/{{ openvpn_client_ca_file }}
|
ca /etc/openvpn/certs/{{ openvpn_client_ca_file }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if openvpn_client_cert_file is defined and openvpn_client_cert_source is defined %}
|
{% if openvpn_client_cert_file is defined and openvpn_client_cert_source is defined %}
|
||||||
|
|
Loading…
Reference in New Issue