summaryrefslogtreecommitdiff
path: root/per-service
diff options
context:
space:
mode:
authorBen Copeland <ben.copeland@linaro.org>2016-09-16 11:37:01 +0100
committerBen Copeland <ben.copeland@linaro.org>2016-09-26 23:16:36 +0000
commit5eba9295d833f5387a16108ff8307f187f564999 (patch)
tree288c1aa9d1c8521e06eed1530ad03b60faf48df8 /per-service
parentbc4c18e5dcad3a9033d78d631b4cf93bb09cebe9 (diff)
downloadansible-playbooks-5eba9295d833f5387a16108ff8307f187f564999.tar.gz
Jenkins: add OpenVPN support
Make sure we can manage OpenVPN connections through Ansible. Change-Id: I067612de63476a24c037de36cd84b6d487f549dd Reviewed-on: https://review.linaro.org/14477 Reviewed-by: Andy Doan <andy.doan@linaro.org>
Diffstat (limited to 'per-service')
-rw-r--r--per-service/jenkins/jenkins.yml1
-rw-r--r--per-service/jenkins/roles/openvpn/defaults/main.yml3
-rw-r--r--per-service/jenkins/roles/openvpn/handlers/main.yml4
-rw-r--r--per-service/jenkins/roles/openvpn/tasks/main.yml21
-rw-r--r--per-service/jenkins/roles/openvpn/templates/vpn-upstart.conf13
-rwxr-xr-xper-service/jenkins/update-production-jenkins.sh2
6 files changed, 43 insertions, 1 deletions
diff --git a/per-service/jenkins/jenkins.yml b/per-service/jenkins/jenkins.yml
index 7fcc8a7..37e4153 100644
--- a/per-service/jenkins/jenkins.yml
+++ b/per-service/jenkins/jenkins.yml
@@ -30,6 +30,7 @@
- {role: jenkins-utils-cron-disable}
- {role: jenkins-utils-publish-staging}
- {role: jenkins-cli}
+ - {role: openvpn, tags: ['openvpn']}
tasks:
- name: Check out linaro-android-build-tools
git: name={{linaro_android_build_tools_repo}} version={{linaro_android_build_tools_rev}}
diff --git a/per-service/jenkins/roles/openvpn/defaults/main.yml b/per-service/jenkins/roles/openvpn/defaults/main.yml
new file mode 100644
index 0000000..9daa0fe
--- /dev/null
+++ b/per-service/jenkins/roles/openvpn/defaults/main.yml
@@ -0,0 +1,3 @@
+vpn_connections:
+ - vpn-aus-colo
+ - vpn-tcwg \ No newline at end of file
diff --git a/per-service/jenkins/roles/openvpn/handlers/main.yml b/per-service/jenkins/roles/openvpn/handlers/main.yml
new file mode 100644
index 0000000..805074f
--- /dev/null
+++ b/per-service/jenkins/roles/openvpn/handlers/main.yml
@@ -0,0 +1,4 @@
+---
+- name: restart-openvpn
+ service: name={{item}} state=restarted enabled=yes
+ with_items: "{{vpn_connections}}"
diff --git a/per-service/jenkins/roles/openvpn/tasks/main.yml b/per-service/jenkins/roles/openvpn/tasks/main.yml
new file mode 100644
index 0000000..024b06e
--- /dev/null
+++ b/per-service/jenkins/roles/openvpn/tasks/main.yml
@@ -0,0 +1,21 @@
+---
+- name: Ensure OpenVPN is installed
+ apt: package=openvpn state=present update_cache=yes
+
+- name: Install OpenVPN upstart scripts
+ template: src=vpn-upstart.conf dest=/etc/init/{{item}}.conf
+ with_items: "{{vpn_connections}}"
+ notify: restart-openvpn
+
+- name: Ensure OpenVPN directories exist
+ file: path=/etc/openvpn/{{item}} state=directory
+ with_items: "{{vpn_connections}}"
+
+- name: Copy OpenVPN config
+ copy:
+ src: "{{secrets_dir}}/files/openvpn/{{item}}"
+ dest: /etc/openvpn
+ mode: 0644
+ directory_mode: yes
+ with_items: "{{vpn_connections}}"
+ notify: restart-openvpn \ No newline at end of file
diff --git a/per-service/jenkins/roles/openvpn/templates/vpn-upstart.conf b/per-service/jenkins/roles/openvpn/templates/vpn-upstart.conf
new file mode 100644
index 0000000..ad662ec
--- /dev/null
+++ b/per-service/jenkins/roles/openvpn/templates/vpn-upstart.conf
@@ -0,0 +1,13 @@
+# ANSIBLE MANAGED
+# openvpn
+#
+
+description "OpenVPN - {{item}}"
+
+start on runlevel [2345]
+stop on runlevel [!2345]
+
+respawn
+
+chdir /etc/openvpn/{{item}}
+exec /usr/sbin/openvpn ./client.conf \ No newline at end of file
diff --git a/per-service/jenkins/update-production-jenkins.sh b/per-service/jenkins/update-production-jenkins.sh
index 26184bf..3f41dbf 100755
--- a/per-service/jenkins/update-production-jenkins.sh
+++ b/per-service/jenkins/update-production-jenkins.sh
@@ -25,4 +25,4 @@ if [ "$input" != "YES" ]; then
exit 0
fi
-time ansible-playbook -i hosts -l "$1" --user "$2" --ask-sudo-pass jenkins.yml --tags jenkins-install,dput
+time ansible-playbook -i hosts -l "$1" --user "$2" --ask-sudo-pass jenkins.yml --tags jenkins-install,dput,openvpn