ansible-network · victorock · Apr 26, 2019 · Apr 26, 2019 · May 3, 2019 · May 3, 2019
diff --git a/defaults/main.yaml b/defaults/main.yaml
@@ -9,8 +9,15 @@ cloud_vpn_name: cvpn
 cloud_vpn_state: present
 cloud_vpn_pause_before_config_seconds: 30
 
+cloud_vpn_initiator_securitygroup_name: "{{ cloud_vpn_name }}-initiator-securitygroup"
+cloud_vpn_responder_securitygroup_name: "{{ cloud_vpn_name }}-responder-securitygroup"
+
+cloud_vpn_initiator_instance_name: "{{ cloud_vpn_name }}-initiator-instance"
+cloud_vpn_responder_instance_name: "{{ cloud_vpn_name }}-responder-instance"
+
 cloud_vpn_initiator_key_name: "{{ cloud_vpn_name }}-initiator-keypair"
 cloud_vpn_responder_key_name: "{{ cloud_vpn_name }}-responder-keypair"
+
 cloud_vpn_tunnel_cidr: 169.254.56.24/30
 cloud_vpn_tunnel_failover_cidr: 169.254.56.28/30
 
@@ -28,3 +35,14 @@ cloud_vpn_responder_cidr: 192.168.0.0/24
 cloud_vpn_responder_private_ip: 192.168.0.10
 cloud_vpn_responder_tunnel_ip: 169.254.56.26
 cloud_vpn_responder_bgp_asn: 65001
+
+
+cloud_vpn_responder_vpc_name: "{{ cloud_vpn_name }}-responder-vpc"
+cloud_vpn_responder_subnet_name: "{{ cloud_vpn_name }}-responder-subnet"
+cloud_vpn_responder_routetable_name: "{{ cloud_vpn_name }}-responder-routetable"
+cloud_vpn_responder_internetgateway_name: "{{ cloud_vpn_name }}-responder-internetgw"
+
+cloud_vpn_initiator_vpc_name: "{{ cloud_vpn_name }}-initiator-vpc"
+cloud_vpn_initiator_subnet_name: "{{ cloud_vpn_name }}-initiator-subnet"
+cloud_vpn_initiator_routetable_name: "{{ cloud_vpn_name }}-initiator-routetable"
+cloud_vpn_initiator_internetgateway_name: "{{ cloud_vpn_name }}-initiator-internetgw"
diff --git a/tasks/create_vpn.yaml b/tasks/create_vpn.yaml
@@ -20,6 +20,12 @@
 - name: Include add host initiator tasks
   include_tasks: add_host_initiator.yaml
 
+- name: Include pre configure initiator hooks tasks
+  include_tasks: pre_configure_initiator_hooks.yaml
+
+- name: Include pre configure responder hooks tasks
+  include_tasks: pre_configure_responder_hooks.yaml
+
 - name: Include configure vpn responder tasks
   include_tasks: configure_vpn_responder.yaml
 

diff --git a/tasks/main.yaml b/tasks/main.yaml
@@ -1,19 +1,41 @@
 ---
+- name: "set role supported functions"
+  set_fact:
+    cloud_vpn_functions:
+      - add_host_initiator
+      - add_host_responder
+      - configure_routing_initiator
+      - configure_routing_responder
+      - configure_vpn_initiator
+      - configure_vpn_responder
+      - create_vpn
+      - delete_vpn
+      - deprovision_initiator
+      - deprovision_responder
+      - get_provisioner_facts_initiator
+      - get_provisioner_facts_responder
+      - get_vpn_facts
+      - install_pip_requirements
+      - load_initiator_defaults
+      - load_responder_defaults
+      - loop_tunnels
+      - post_configure_initiator_hooks
+      - post_configure_responder_hooks
+      - pre_configure_initiator_hooks
+      - pre_configure_responder_hooks
+      - process_tunnel
+      - provision_initiator
+      - provision_responder
+      - run
+      - show_login_info_initiator
+      - show_login_info_responder
+      - unconfigure_initiator
+      - unconfigure_responder
 
-- name: Install required pip packages
-  include_tasks: install_pip_requirements.yaml
-  when: cloud_vpn_install_pip_requirements
+- name: "validate the requested function is supported"
+  fail:
+    msg: "expected one of {{ cloud_vpn_functions }}, got {{ function }}"
+  when: function | default('run') not in cloud_vpn_functions
 
-- name: Include loop tunnels tasks
-  include_tasks: loop_tunnels.yaml
-  when: cloud_vpn_tunnels is defined
-
-- block:
-    - name: Include create VPN tasks
-      include_tasks: create_vpn.yaml
-      when: cloud_vpn_state == 'present'
-
-    - name: Include delete VPN tasks
-      include_tasks: delete_vpn.yaml
-      when: cloud_vpn_state == 'absent'
-  when: cloud_vpn_tunnels is not defined
+- name: include function specific tasks and run
+  include_tasks: "{{ function  | default('run') }}.yaml"
diff --git a/tasks/post_configure_initiator_hooks.yaml b/tasks/post_configure_initiator_hooks.yaml
@@ -3,3 +3,8 @@
 - name: Include post configure initiator hooks tasks
   include_tasks: "{{ cloud_vpn_initiator_post_configure_hooks }}"
   when: cloud_vpn_initiator_post_configure_hooks is defined
+
+- name: Include post configure initiator hooks role
+  include_role:
+    name: "{{ cloud_vpn_initiator_post_configure_hooks_role }}"
+  when: cloud_vpn_initiator_post_configure_hooks_role is defined
diff --git a/tasks/post_configure_responder_hooks.yaml b/tasks/post_configure_responder_hooks.yaml
@@ -3,3 +3,8 @@
 - name: Include post configure responder hooks tasks
   include_tasks: "{{ cloud_vpn_responder_post_configure_hooks }}"
   when: cloud_vpn_responder_post_configure_hooks is defined
+
+- name: Include post configure responder hooks role
+  include_role:
+    name: "{{ cloud_vpn_responder_post_configure_hooks_role }}"
+  when: cloud_vpn_responder_post_configure_hooks_role is defined
diff --git a/tasks/pre_configure_initiator_hooks.yaml b/tasks/pre_configure_initiator_hooks.yaml
@@ -0,0 +1,9 @@
+---
+- name: "Include pre configure initiator hooks tasks"
+  include_tasks: "{{ cloud_vpn_initiator_pre_configure_hooks }}"
+  when: cloud_vpn_initiator_pre_configure_hooks is defined
+
+- name: "Include pre configure initiator hooks role"
+  include_role:
+    name: "{{ cloud_vpn_initiator_pre_configure_hooks_role }}"
+  when: cloud_vpn_initiator_pre_configure_hooks_role is defined
diff --git a/tasks/pre_configure_responder_hooks.yaml b/tasks/pre_configure_responder_hooks.yaml
@@ -0,0 +1,10 @@
+---
+
+- name: Include pre configure responder hooks tasks
+  include_tasks: "{{ cloud_vpn_responder_pre_configure_hooks }}"
+  when: cloud_vpn_responder_pre_configure_hooks is defined
+
+- name: Include pre configure responder hooks role
+  include_role:
+    name: "{{ cloud_vpn_responder_pre_configure_hooks_role }}"
+  when: cloud_vpn_responder_pre_configure_hooks_role is defined
diff --git a/tasks/run.yaml b/tasks/run.yaml
@@ -0,0 +1,19 @@
+---
+
+- name: Install required pip packages
+  include_tasks: install_pip_requirements.yaml
+  when: cloud_vpn_install_pip_requirements
+
+- name: Include loop tunnels tasks
+  include_tasks: loop_tunnels.yaml
+  when: cloud_vpn_tunnels is defined
+
+- block:
+    - name: Include create VPN tasks
+      include_tasks: create_vpn.yaml
+      when: cloud_vpn_state == 'present'
+
+    - name: Include delete VPN tasks
+      include_tasks: delete_vpn.yaml
+      when: cloud_vpn_state == 'absent'
+  when: cloud_vpn_tunnels is not defined