wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-09-03 10:33:13 +02:00
Code Issues Projects Releases Wiki Activity

removed unnecessary local_action's

Browse source
This commit is contained in:
Ruben Jongejan 2017-05-11 21:15:03 +02:00
parent ac6db06a19
commit 5c8e337d9b
4 changed files with 21 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
playbooks/local.yml
View file

@ -1,16 +1,23 @@
--- ---
- name: Generate the SSH private key - name: Generate the SSH private key
local_action: shell echo -e 'n' | ssh-keygen -b 2048 -C {{ SSH_keys.comment }} -t rsa -f {{ SSH_keys.private }} -q -N "" shell: >
echo -e 'n' |
ssh-keygen -b 2048 -C {{ SSH_keys.comment }}
-t rsa -f {{ SSH_keys.private }} -q -N ""
args: args:
creates: "{{ SSH_keys.private }}" creates: "{{ SSH_keys.private }}"
- name: Generate the SSH public key - name: Generate the SSH public key
local_action: shell echo `ssh-keygen -y -f {{ SSH_keys.private }}` {{ SSH_keys.comment }} > {{ SSH_keys.public }} shell: >
echo `ssh-keygen -y -f {{ SSH_keys.private }}` {{ SSH_keys.comment }}
> {{ SSH_keys.public }}
changed_when: false changed_when: false
- name: Change mode for the SSH private key - name: Change mode for the SSH private key
local_action: file path={{ SSH_keys.private }} mode=0600 file:
path: "{{ SSH_keys.private }}"
mode: 0600
- name: Ensure the dynamic inventory exists - name: Ensure the dynamic inventory exists
blockinfile: blockinfile:

8
playbooks/local_ssh.yml
View file

@ -1,14 +1,12 @@
--- ---
- name: Ensure the local ssh directory is exist - name: Ensure the local ssh directory is exist
local_action: file:
module: file path: ~/.ssh/
path: "~/.ssh/"
state: directory state: directory
- name: Copy the algo ssh key to the local ssh directory - name: Copy the algo ssh key to the local ssh directory
local_action: copy:
module: copy
src: "{{ SSH_keys.private }}" src: "{{ SSH_keys.private }}"
dest: ~/.ssh/algo.pem dest: ~/.ssh/algo.pem
mode: '0600' mode: '0600'

3
playbooks/post.yml
View file

@ -1,8 +1,7 @@
--- ---
- name: Wait until SSH becomes ready... - name: Wait until SSH becomes ready...
local_action: wait_for:
module: wait_for
port: 22 port: 22
host: "{{ cloud_instance_ip }}" host: "{{ cloud_instance_ip }}"
search_regex: "OpenSSH" search_regex: "OpenSSH"

21
roles/vpn/tasks/client_configs.yml
View file

@ -1,8 +1,7 @@
--- ---
- name: Register p12 PayloadContent - name: Register p12 PayloadContent
local_action: > shell: cat private/{{ item }}.p12 | base64
shell cat private/{{ item }}.p12 | base64
register: PayloadContent register: PayloadContent
become: no become: no
args: args:
@ -15,8 +14,7 @@
PayloadContentCA: "{{ lookup('file' , 'configs/{{ IP_subject_alt_name }}/pki/cacert.pem')|b64encode }}" PayloadContentCA: "{{ lookup('file' , 'configs/{{ IP_subject_alt_name }}/pki/cacert.pem')|b64encode }}"
- name: Build the mobileconfigs - name: Build the mobileconfigs
local_action: template:
module: template
src: mobileconfig.j2 src: mobileconfig.j2
dest: configs/{{ IP_subject_alt_name }}/{{ item.0 }}.mobileconfig dest: configs/{{ IP_subject_alt_name }}/{{ item.0 }}.mobileconfig
mode: 0600 mode: 0600
@ -27,8 +25,7 @@
no_log: True no_log: True
- name: Build the strongswan app android config - name: Build the strongswan app android config
local_action: template:
module: template
src: sswan.j2 src: sswan.j2
dest: configs/{{ IP_subject_alt_name }}/{{ item.0 }}.sswan dest: configs/{{ IP_subject_alt_name }}/{{ item.0 }}.sswan
mode: 0600 mode: 0600
@ -39,8 +36,7 @@
no_log: True no_log: True
- name: Build the client ipsec config file - name: Build the client ipsec config file
local_action: template:
module: template
src: client_ipsec.conf.j2 src: client_ipsec.conf.j2
dest: configs/{{ IP_subject_alt_name }}/ipsec_{{ item }}.conf dest: configs/{{ IP_subject_alt_name }}/ipsec_{{ item }}.conf
mode: 0600 mode: 0600
@ -49,8 +45,7 @@
- "{{ users }}" - "{{ users }}"
- name: Build the client ipsec secret file - name: Build the client ipsec secret file
local_action: template:
module: template
src: client_ipsec.secrets.j2 src: client_ipsec.secrets.j2
dest: configs/{{ IP_subject_alt_name }}/ipsec_{{ item }}.secrets dest: configs/{{ IP_subject_alt_name }}/ipsec_{{ item }}.secrets
mode: 0600 mode: 0600
@ -59,8 +54,7 @@
- "{{ users }}" - "{{ users }}"
- name: Build the windows client powershell script - name: Build the windows client powershell script
local_action: template:
module: template
src: client_windows.ps1.j2 src: client_windows.ps1.j2
dest: configs/{{ IP_subject_alt_name }}/windows_{{ item }}.ps1 dest: configs/{{ IP_subject_alt_name }}/windows_{{ item }}.ps1
mode: 0600 mode: 0600
@ -69,8 +63,7 @@
with_items: "{{ users }}" with_items: "{{ users }}"
- name: Restrict permissions for the local private directories - name: Restrict permissions for the local private directories
local_action: file:
module: file
path: "{{ item }}" path: "{{ item }}"
state: directory state: directory
mode: 0700 mode: 0700