diff --git a/playbooks/local.yml b/playbooks/local.yml
index a7cc2d7e..be2ecc9f 100644
--- a/playbooks/local.yml
+++ b/playbooks/local.yml
@@ -1,16 +1,23 @@
 ---
 - name: Generate the SSH private key
- local_action: shell echo -e 'n' | ssh-keygen -b 2048 -C {{ SSH_keys.comment }} -t rsa -f {{ SSH_keys.private }} -q -N ""
+ shell: >
+ echo -e 'n' |
+ ssh-keygen -b 2048 -C {{ SSH_keys.comment }}
+ -t rsa -f {{ SSH_keys.private }} -q -N ""
 args:
 creates: "{{ SSH_keys.private }}"
 - name: Generate the SSH public key
- local_action: shell echo `ssh-keygen -y -f {{ SSH_keys.private }}` {{ SSH_keys.comment }} > {{ SSH_keys.public }}
+ shell: >
+ echo `ssh-keygen -y -f {{ SSH_keys.private }}` {{ SSH_keys.comment }}
+ > {{ SSH_keys.public }}
 changed_when: false
 - name: Change mode for the SSH private key
- local_action: file path={{ SSH_keys.private }} mode=0600
+ file:
+ path: "{{ SSH_keys.private }}"
+ mode: 0600
 - name: Ensure the dynamic inventory exists
 blockinfile:
diff --git a/playbooks/local_ssh.yml b/playbooks/local_ssh.yml
index 05e53d9a..b2b30b77 100644
--- a/playbooks/local_ssh.yml
+++ b/playbooks/local_ssh.yml
@@ -1,14 +1,12 @@
 ---
 - name: Ensure the local ssh directory is exist
- local_action:
- module: file
- path: "~/.ssh/"
+ file:
+ path: ~/.ssh/
 state: directory
 - name: Copy the algo ssh key to the local ssh directory
- local_action:
- module: copy
+ copy:
 src: "{{ SSH_keys.private }}"
 dest: ~/.ssh/algo.pem
 mode: '0600'
diff --git a/playbooks/post.yml b/playbooks/post.yml
index 3f1c1423..f9f41983 100644
--- a/playbooks/post.yml
+++ b/playbooks/post.yml
@@ -1,8 +1,7 @@
 ---
 - name: Wait until SSH becomes ready...
- local_action:
- module: wait_for
+ wait_for:
 port: 22
 host: "{{ cloud_instance_ip }}"
 search_regex: "OpenSSH"
diff --git a/roles/vpn/tasks/client_configs.yml b/roles/vpn/tasks/client_configs.yml
index 76f5a05a..227a2a1a 100644
--- a/roles/vpn/tasks/client_configs.yml
+++ b/roles/vpn/tasks/client_configs.yml
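Review bot: With `local_action` removed, the two `shell` tasks and the `file` task in playbooks/local.yml run on whatever host the enclosing play targets, and nothing in this hunk pins them to the control machine. If the file is still included from a play that targets the server, the SSH private key would be generated and left on the remote host instead of locally. The include (or each task) should carry `delegate_to: localhost`, or the play should be confirmed to use `hosts: localhost` with `connection: local`; neither is visible in this diff. The same question applies to the `file`/`copy` tasks in playbooks/local_ssh.yml, the `wait_for` in playbooks/post.yml (which would probe port 22 from the wrong side), and every task changed in roles/vpn/tasks/client_configs.yml, which writes client keys and secrets under configs/.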
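Review bot: The `file` task that creates `~/.ssh/` in playbooks/local_ssh.yml sets no `mode`, so a directory created by this task gets whatever the umask yields rather than owner-only access. Add `mode: '0700'` after `state: directory`, quoted the same way the `copy` task below already writes `mode: '0600'`. Dropping the quotes from `path: ~/.ssh/` is harmless to the parser, but keeping `path: "~/.ssh/"` would stay consistent with the quoted `src` value in the next task.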
@@ -1,8 +1,7 @@
 ---
 - name: Register p12 PayloadContent
- local_action: >
- shell cat private/{{ item }}.p12 | base64
+ shell: cat private/{{ item }}.p12 | base64
 register: PayloadContent
 become: no
 args:
@@ -15,8 +14,7 @@
 PayloadContentCA: "{{ lookup('file' , 'configs/{{ IP_subject_alt_name }}/pki/cacert.pem')|b64encode }}"
 - name: Build the mobileconfigs
- local_action:
- module: template
+ template:
 src: mobileconfig.j2
 dest: configs/{{ IP_subject_alt_name }}/{{ item.0 }}.mobileconfig
 mode: 0600
@@ -27,8 +25,7 @@
 no_log: True
 - name: Build the strongswan app android config
- local_action:
- module: template
+ template:
 src: sswan.j2
 dest: configs/{{ IP_subject_alt_name }}/{{ item.0 }}.sswan
 mode: 0600
@@ -39,8 +36,7 @@
 no_log: True
 - name: Build the client ipsec config file
- local_action:
- module: template
+ template:
 src: client_ipsec.conf.j2
 dest: configs/{{ IP_subject_alt_name }}/ipsec_{{ item }}.conf
 mode: 0600
@@ -49,8 +45,7 @@
 - "{{ users }}"
 - name: Build the client ipsec secret file
- local_action:
- module: template
+ template:
 src: client_ipsec.secrets.j2
 dest: configs/{{ IP_subject_alt_name }}/ipsec_{{ item }}.secrets
 mode: 0600
@@ -59,8 +54,7 @@
 - "{{ users }}"
 - name: Build the windows client powershell script
- local_action:
- module: template
+ template:
 src: client_windows.ps1.j2
 dest: configs/{{ IP_subject_alt_name }}/windows_{{ item }}.ps1
 mode: 0600
@@ -69,8 +63,7 @@
 with_items: "{{ users }}"
 - name: Restrict permissions for the local private directories
- local_action:
- module: file
+ file:
 path: "{{ item }}"
 state: directory
 mode: 0700
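Review bot: `{{ item }}` is interpolated into the `shell` command line unquoted in the "Register p12 PayloadContent" task, so a user name containing whitespace or shell metacharacters is interpreted by the shell instead of being treated as part of a file name. Pass it through the `quote` filter: `shell: cat private/{{ item | quote }}.p12 | base64`. The rewritten `shell` tasks in playbooks/local.yml have the same gap for `SSH_keys.comment`, `SSH_keys.private` and `SSH_keys.public`. The registered output is the base64 of a client's PKCS#12 bundle and the task continues past the end of this hunk, so it is worth checking that it sets `no_log: true` as the template tasks further down do.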