gateway: Users task

Takes 'ovpn' variable from secrets repo users and write to openvpn server

Signed-off-by: David Galloway <dgallowa@redhat.com>

diff --git a/roles/gateway/tasks/main.yml b/roles/gateway/tasks/main.yml
index 6b851336c12e8601cf6c285429e95d665b60e145..5164eaec57f21c6f2579f35613212f357d1b2005 100644 (file)
--- a/roles/gateway/tasks/main.yml
+++ b/roles/gateway/tasks/main.yml
@@ -3,7 +3,7 @@
   include_vars: "{{ secrets_path | mandatory }}/gateway.yml"
   no_log: true
   tags:
-    - vars
+    - always
 
 # Install and update system packages
 - include: packages.yml

diff --git a/roles/gateway/tasks/users.yml b/roles/gateway/tasks/users.yml
new file mode 100644 (file)
index 0000000..5ccbc04
--- /dev/null
+++ b/roles/gateway/tasks/users.yml
@@ -0,0 +1,13 @@
+---
+- name: Populate list of OpenVPN users
+  set_fact:
+    openvpn_users:
+      "{{ admin_users|list + lab_users|list }}"
+
+- name: Update users file
+  template:
+    src: users.j2
+    dest: "{{ openvpn_data_dir }}/users"
+    owner: root
+    group: root
+    mode: 0644

diff --git a/roles/gateway/templates/users.j2 b/roles/gateway/templates/users.j2
new file mode 100644 (file)
index 0000000..e1dda58
--- /dev/null
+++ b/roles/gateway/templates/users.j2
@@ -0,0 +1,6 @@
+#
+# {{ ansible_managed }}
+#
+{% for user in openvpn_users %}
+{{ user.ovpn }}
+{% endfor %}