skip pre tasks in update-users (#1921)

config.cfg

@@ -132,6 +132,8 @@ wireguard_network_ipv6: 2001:db8:a160::/48
 local_service_ip: "{{ '172.16.0.1' | ipmath(1048573 | random(seed=algo_server_name + ansible_fqdn)) }}"
 local_service_ipv6: "{{ 'fd00::1' | ipmath(1048573 | random(seed=algo_server_name + ansible_fqdn)) }}"
 
+# Hide sensetive data
+no_log: true
 
 congrats:
   common: |

playbooks/cloud-pre.yml

@@ -18,9 +18,9 @@
 
   - name: Install the requirements
     pip:
-      state: latest
+      state: present
       name:
-        - pyOpenSSL
+        - pyOpenSSL>=0.15
         - jinja2==2.8
         - segno
     tags:

roles/ssh_tunneling/tasks/main.yml

@@ -66,7 +66,7 @@
         passphrase: "{{ p12_export_password }}"
         cipher: aes256
         force: false
-      no_log: true
+      no_log: "{{ no_log|bool }}"
       when: not item.stat.exists
       with_items: "{{ privatekey.results }}"
       register: openssl_privatekey
@@ -78,7 +78,7 @@
         privatekey_passphrase: "{{ p12_export_password }}"
         format: OpenSSH
         force: true
-      no_log: true
+      no_log: "{{ no_log|bool }}"
       when: item.changed
       with_items: "{{ openssl_privatekey.results }}"
 

roles/strongswan/tasks/client_configs.yml

@@ -23,7 +23,7 @@
   with_together:
     - "{{ users }}"
     - "{{ PayloadContent.results }}"
-  no_log: True
+  no_log: "{{ no_log|bool }}"
 
 - name: Build the client ipsec config file
   template:

roles/wireguard/tasks/keys.yml

@@ -23,7 +23,7 @@
       dest: "{{ wireguard_pki_path }}/private/{{ item['item'] }}"
       content: "{{ item['stdout'] }}"
       mode: "0600"
-    no_log: true
+    no_log: "{{ no_log|bool }}"
     when: item.changed
     with_items: "{{ wg_genkey['results'] }}"
     delegate_to: localhost
@@ -62,7 +62,7 @@
       dest: "{{ wireguard_pki_path }}/preshared/{{ item['item'] }}"
       content: "{{ item['stdout'] }}"
       mode: "0600"
-    no_log: true
+    no_log: "{{ no_log|bool }}"
     when: item.changed
     with_items: "{{ wg_genpsk['results'] }}"
     delegate_to: localhost
@@ -95,7 +95,7 @@
     dest: "{{ wireguard_pki_path }}/public/{{ item['item'] }}"
     content: "{{ item['stdout'] }}"
     mode: "0600"
-  no_log: true
+  no_log: "{{ no_log|bool }}"
   with_items: "{{ wg_pubkey['results'] }}"
   delegate_to: localhost
   become: false

tests/ca-password-fix.sh

@@ -4,7 +4,7 @@
 
 set -ex
 
-DEPLOY_ARGS="provider=local server=10.0.8.100 ssh_user=ubuntu endpoint=10.0.8.100 ondemand_cellular=true ondemand_wifi=true ondemand_wifi_exclude=test dns_adblocking=true ssh_tunneling=true store_pki=true install_headers=false tests=true local_service_ip=172.16.0.1"
+DEPLOY_ARGS="provider=local server=10.0.8.100 ssh_user=ubuntu endpoint=10.0.8.100 ondemand_cellular=true ondemand_wifi=true ondemand_wifi_exclude=test dns_adblocking=true ssh_tunneling=true store_pki=true install_headers=false tests=true local_service_ip=172.16.0.1 no_log=false"
 
 CA_PASSWORD="test123"
 

tests/local-deploy.sh

@@ -2,7 +2,7 @@
 
 set -ex
 
-DEPLOY_ARGS="provider=local server=10.0.8.100 ssh_user=ubuntu endpoint=10.0.8.100 ondemand_cellular=true ondemand_wifi=true ondemand_wifi_exclude=test dns_adblocking=true ssh_tunneling=true store_pki=true install_headers=false tests=true local_service_ip=172.16.0.1"
+DEPLOY_ARGS="provider=local server=10.0.8.100 ssh_user=ubuntu endpoint=10.0.8.100 ondemand_cellular=true ondemand_wifi=true ondemand_wifi_exclude=test dns_adblocking=true ssh_tunneling=true store_pki=true install_headers=false tests=true local_service_ip=172.16.0.1 no_log=false"
 
 if [ "${DEPLOY}" == "docker" ]
 then

tests/update-users.sh

@@ -2,7 +2,7 @@
 
 set -ex
 
-USER_ARGS="{ 'server': '10.0.8.100', 'users': ['desktop', 'user1', 'user2'], 'local_service_ip': '172.16.0.1' }"
+USER_ARGS="{ 'server': '10.0.8.100', 'users': ['desktop', 'user1', 'user2'], 'local_service_ip': '172.16.0.1', 'no_log': false }"
 
 if [ "${DEPLOY}" == "docker" ]
 then