Fixes for tinc role (#4)

* ab3ec0b - Fix names of handlers * adffec8 - Allow configuring local cache dir
Tina-pm · Jan 5, 2025 · edea769 · edea769
2 parents 8bfa42f + adffec8
commit edea769
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 13 deletions.
diff --git a/roles/tinc/defaults/main.yml b/roles/tinc/defaults/main.yml
@@ -45,3 +45,6 @@ tinc__install_ferm_svc: false
 
 # Command paths.
 tinc__iproute2_path: /usr/bin/ip
+
+# Local path to cache host configurations.
+tinc__local_cache: fetch
diff --git a/roles/tinc/tasks/remove.yml b/roles/tinc/tasks/remove.yml
@@ -33,11 +33,12 @@
     path: /etc/systemd/system/{{ tinc__service_name }}.service.d/override.conf
     state: absent
   notify:
-    - reload systemd
+    - Reload systemd
   when: tinc__use_systemd
 
 - name: Delete local configuration copy
   ansible.builtin.file:
-    path: fetch/{{ tinc__netname }}/{{ inventory_hostname }}
+    path: |-
+      {{ tinc__local_cache }}/{{ tinc__netname }}/{{ inventory_hostname }}
     state: absent
   delegate_to: localhost
diff --git a/roles/tinc/tasks/setup.yml b/roles/tinc/tasks/setup.yml
@@ -24,7 +24,7 @@
     insertbefore: BOF
     create: false
   notify:
-    - restart tinc
+    - Restart tinc
 
 - name: Ensure tinc network directory exists
   ansible.builtin.file:
@@ -39,7 +39,7 @@
     mode: '0644'
     create: true
   notify:
-    - restart tinc
+    - Restart tinc
   when: not tinc__use_systemd
 
 - name: Create tinc.conf file from template
@@ -48,7 +48,7 @@
     dest: /etc/tinc/{{ tinc__netname }}/tinc.conf
     mode: '0644'
   notify:
-    - reload tinc
+    - Reload tinc
 
 - name: Create network configuration scripts
   ansible.builtin.template:
@@ -61,7 +61,7 @@
     - subnet-up
     - subnet-down
   notify:
-    - restart tinc
+    - Restart tinc
 
 - name: Check for crypto key pair
   ansible.builtin.command: >-
@@ -79,7 +79,7 @@
     dest: /etc/tinc/{{ tinc__netname }}/hosts/{{ inventory_hostname }}
     mode: '0644'
   notify:
-    - restart tinc
+    - Restart tinc
 
 # this is necessary because the public key will not be generated
 # (non-interactively) if the private key already exists
@@ -89,15 +89,15 @@
     state: absent
   when: tinc__public_key.changed
   notify:
-    - restart tinc
+    - Restart tinc
 
 - name: Delete private key and regenerate keypair  # noqa: no-handler
   ansible.builtin.command: tincd -n {{ tinc__netname }} -K4096
   args:
     creates: /etc/tinc/{{ tinc__netname }}/rsa_key.priv
   when: tinc__public_key.changed
   notify:
-    - restart tinc
+    - Restart tinc
 
 - name: Find obsolete tinc host files
   ansible.builtin.command: ls /etc/tinc/{{ tinc__netname }}/hosts/
@@ -116,7 +116,8 @@
 - name: Fetch tinc hosts file after key creation
   ansible.builtin.fetch:
     src: /etc/tinc/{{ tinc__netname }}/hosts/{{ inventory_hostname }}
-    dest: fetch/{{ tinc__netname }}/{{ inventory_hostname }}
+    dest: |-
+      {{ tinc__local_cache }}/{{ tinc__netname }}/{{ inventory_hostname }}
     flat: true
 
 - name: Create tinc hosts file for hosts outside of ansible
@@ -131,11 +132,11 @@
 
 - name: Sync the fetched tinc hosts files on each host
   ansible.builtin.copy:
-    src: fetch/{{ tinc__netname }}/
+    src: '{{ tinc__local_cache }}/{{ tinc__netname }}/'
     dest: /etc/tinc/{{ tinc__netname }}/hosts/
     mode: '0644'
   notify:
-    - reload tinc
+    - Reload tinc
 
 - name: Ensure tinc meta-service is started
   ansible.builtin.service:
@@ -157,5 +158,6 @@
     owner: root
     group: adm
     mode: '0644'
-  notify: reload ferm
+  notify:
+    - Reload ferm
   when: tinc__install_ferm_svc and tinc__allow_incoming_connections