Compare commits
No commits in common. "e060ba9161949a42593bd658dae0a45b231c4d70" and "233e8e4ecfe64a30959b96394b61e1ea7d75c922" have entirely different histories.
e060ba9161
...
233e8e4ecf
3 changed files with 6 additions and 7 deletions
|
|
@ -5,7 +5,7 @@
|
||||||
- wireguard
|
- wireguard
|
||||||
|
|
||||||
- name: Check if wg_server is reachable
|
- name: Check if wg_server is reachable
|
||||||
ansible.builtin.command: echo "reachable"
|
ansible.builtin.command: echo "Test if wg_server is reachable"
|
||||||
delegate_to: wireguard_server
|
delegate_to: wireguard_server
|
||||||
register: result
|
register: result
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
|
@ -17,10 +17,10 @@
|
||||||
* server not reachable
|
* server not reachable
|
||||||
* no matching ssh-key
|
* no matching ssh-key
|
||||||
changed_when: true
|
changed_when: true
|
||||||
when: result.stdout is not defined or result.stdout!="reachable"
|
when: result.unreachable is defined and result.unreachable
|
||||||
|
|
||||||
- name: Configure WG Server
|
- name: Configure WG Server
|
||||||
when: result.stdout is defined and result.stdout=="reachable"
|
when: result.unreachable is not defined or not result.unreachable
|
||||||
block:
|
block:
|
||||||
- name: Set facts wg_clientname
|
- name: Set facts wg_clientname
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
|
|
|
||||||
|
|
@ -27,7 +27,7 @@
|
||||||
when: cert_client_active.stat.exists
|
when: cert_client_active.stat.exists
|
||||||
|
|
||||||
- name: Check if radius-server is reachable
|
- name: Check if radius-server is reachable
|
||||||
ansible.builtin.command: echo "reachable"
|
ansible.builtin.command: echo "Test if radius-server is reachable"
|
||||||
delegate_to: radius_server
|
delegate_to: radius_server
|
||||||
register: radius_reachable
|
register: radius_reachable
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
|
@ -40,12 +40,12 @@
|
||||||
- "* server not reachable"
|
- "* server not reachable"
|
||||||
- "* no matching ssh-key"
|
- "* no matching ssh-key"
|
||||||
changed_when: true
|
changed_when: true
|
||||||
when: radius_reachable.stdout is not defined or radius_reachable.stdout!='reachable'
|
when: radius_reachable.unreachable is defined and radius_reachable.unreachable
|
||||||
|
|
||||||
- name: Issue radius certificate
|
- name: Issue radius certificate
|
||||||
ansible.builtin.include_tasks: eap-tls_issue-certificate.yaml
|
ansible.builtin.include_tasks: eap-tls_issue-certificate.yaml
|
||||||
when:
|
when:
|
||||||
- radius_reachable.stdout is defined and radius_reachable.stdout=="reachable"
|
- radius_reachable.unreachable is not defined or not radius_reachable.unreachable
|
||||||
- |
|
- |
|
||||||
( not cert_client_active.stat.exists ) or
|
( not cert_client_active.stat.exists ) or
|
||||||
(cert_serial.stdout | replace('serial=','') | int(base=16) ) in ( radius_crl.revoked_certificates | map(attribute='serial_number') | list ) or
|
(cert_serial.stdout | replace('serial=','') | int(base=16) ) in ( radius_crl.revoked_certificates | map(attribute='serial_number') | list ) or
|
||||||
|
|
|
||||||
|
|
@ -105,7 +105,6 @@
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: iwd.service
|
name: iwd.service
|
||||||
enabled: false
|
enabled: false
|
||||||
failed_when: false
|
|
||||||
|
|
||||||
- name: Remove deprecated NetworkManager config
|
- name: Remove deprecated NetworkManager config
|
||||||
ansible.builtin.blockinfile:
|
ansible.builtin.blockinfile:
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue