nkakouros-original / ansible-role-easyrsa Goto Github PK
View Code? Open in Web Editor NEWInstalls EasyRSA and generates certificates/keys
Home Page: https://github.com/OpenVPN/easy-rsa
Installs EasyRSA and generates certificates/keys
Home Page: https://github.com/OpenVPN/easy-rsa
Even though the role allows to specify easyrsa_pki_dir
, it doesn't handle deploying multiple directories.
That could be useful to build, for instance, one root and one intermediate certification authorities.
I try install and block on:
TASK [nkakouros.easyrsa : Create CA] **********************************************************************************************************************************************************
in my playbook i have this:
vars:
# EasyRSA
easyrsa_generate_dh: true
easyrsa_replace_pki: false
easyrsa_conf_req_country: IT
easyrsa_conf_req_province: "MT"
easyrsa_conf_req_city: "Matera"
easyrsa_conf_req_org: "Ninux"
easyrsa_conf_req_email: "[email protected]"
easyrsa_conf_req_ou: "Ninux Basilicata"
easyrsa_conf_req_cn: "basilicata.ninux.org"
easyrsa_servers:
- name: server
easyrsa_clients:
- name: dns
- name: mikytux
easyrsa_pki_dir: /etc/easyrsa/pki
easyrsa_renew: "{{ easyrsa_clients }}"
I use with role Stouts.openvpn
Help me for resolve.
Best regards.
The task Create CA
executes easyrsa build-ca nopass
which fails for me:
* Using Easy-RSA configuration:
/usr/lib/easyrsa/vars
Easy-RSA error:
set_var - excess input
EasyRSA Version Information
Version: ~VER~
Generated: ~DATE~
SSL Lib: OpenSSL 1.1.1n 15 Mar 2022
Git Commit: ~GITHEAD~
Source Repo: https://github.com/OpenVPN/easy-rsa
Host: dev | nix | Linux | /bin/zsh
Easy-RSA error:
Failed to source the vars file.
EasyRSA Version Information
Version: ~VER~
Generated: ~DATE~
SSL Lib: OpenSSL 1.1.1n 15 Mar 2022
Git Commit: ~GITHEAD~
Source Repo: https://github.com/OpenVPN/easy-rsa
Host: dev | nix | Linux | /bin/zsh
Any idea what this is caused by?
I use your roles but don't find the file ta.kay
do you have a way to create it without changing the certificates already created?
Thanks
At line 18 of tasks/download.yml
file shouldn't be added a:
become: false
to let the local user that runs the role, and not the superuser if the role is executed with a become: true
, create the local directory to download credentials?
It works with default value,/tmp
and if we redefine easyrsa_download_dir
as a relative path.
Using current master (e97efb7) I get the following error on Debian 11:
TASK [nkakouros.easyrsa : Initiate PKI] ************************************************************************************************************************************************************************
Thursday 02 June 2022 14:24:45 +0200 (0:00:01.147) 0:00:40.501 *********
fatal: [example.com]: FAILED! => changed=true
cmd:
- easyrsa
- init-pki
delta: '0:00:00.005123'
end: '2022-06-02 14:24:46.114659'
msg: non-zero return code
rc: 1
start: '2022-06-02 14:24:46.109536'
stderr: |2-
Easy-RSA error:
Use of '--vars=FILE init-pki' is prohibited, use '--pki-dir=DIR'
stderr_lines: <omitted>
stdout: |2-
Version: dev | nix | Linux | /bin/zsh
stdout_lines: <omitted>
I receive the same error, when I try to execute easyrsa init-pki
on the commandline. I also tried to du easyrsa init-pki --pki-dir=/etc/easyrsa/pki
but it doesn't work either (same message).
Any idea why this is and how to fix this?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.