You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.

barrier.yaml 2.0KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364
  1. ---
  2. - name: barrier directory
  3. file:
  4. path: ~/.local/share/barrier
  5. state: directory
  6. - name: barrier SSL directory
  7. file:
  8. path: ~/.local/share/barrier/SSL
  9. state: directory
  10. - name: barrier SSL Fingerprints directory
  11. file:
  12. path: ~/.local/share/barrier/SSL/Fingerprints
  13. state: directory
  14. - name: Generate an OpenSSL private key with the default values (4096 bits, RSA)
  15. community.crypto.openssl_privatekey:
  16. path: ~/.local/share/barrier/SSL/Barrier.key
  17. return_content: true
  18. register: barrier_openssl_privatekey
  19. - name: Generate an OpenSSL Certificate Signing Request
  20. community.crypto.openssl_csr:
  21. common_name: Barrier
  22. privatekey_path: ~/.local/share/barrier/SSL/Barrier.key
  23. path: ~/.local/share/barrier/SSL/Barrier.csr
  24. - name: barrier x509 certificate
  25. community.crypto.x509_certificate:
  26. provider: selfsigned
  27. privatekey_path: ~/.local/share/barrier/SSL/Barrier.key
  28. csr_path: ~/.local/share/barrier/SSL/Barrier.csr
  29. path: ~/.local/share/barrier/SSL/Barrier.crt
  30. return_content: true
  31. register: barrier_x509_certificate
  32. - name: barrier certificate key file
  33. copy:
  34. content: "{{barrier_openssl_privatekey.privatekey}}{{barrier_x509_certificate.certificate}}"
  35. dest: ~/.local/share/barrier/SSL/Barrier.pem
  36. - name: bacreate fingerprint file
  37. shell: openssl x509 -fingerprint -sha1 -noout -in ~/.local/share/barrier/SSL/Barrier.pem | sed -e "s/.*=//" > ~/.local/share/barrier/SSL/Fingerprints/Local.txt
  38. args:
  39. creates: ~/.local/share/barrier/SSL/Fingerprints/Local.txt
  40. - name: barrier server config
  41. template:
  42. src: barrier/barrier.conf.j2
  43. dest: ~/.local/share/barrier/.barrier.conf
  44. - name: barrier server user service
  45. template:
  46. src: barrier/barriers.service.j2
  47. dest: ~/.config/systemd/user/barriers.service
  48. notify: systemd daemon-reload
  49. - name: barrier client user service
  50. template:
  51. src: barrier/barrierc@.service.j2
  52. dest: ~/.config/systemd/user/barrierc@.service
  53. notify: systemd daemon-reload