+ cd /tmp/tmpgln9hoz4/tests; TEST_SUBJECTS=/cache/fedora-32.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_vpn-26-5af7836-fedora-32-jdd4e8pp/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpgln9hoz4/_setup.yml /tmp/tmpgln9hoz4/tests/tests_default.yml ansible-playbook 2.9.18 config file = /etc/ansible/ansible.cfg configured module search path = ['/home/tester/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.8/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 3.8.7 (default, Jan 20 2021, 00:00:00) [GCC 10.2.1 20201125 (Red Hat 10.2.1-9)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpgln9hoz4/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpgln9hoz4/_setup.yml:5 ok: [/cache/fedora-32.qcow2] => { "groups": { "all": [ "/cache/fedora-32.qcow2" ], "localhost": [ "/cache/fedora-32.qcow2" ], "subjects": [ "/cache/fedora-32.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpgln9hoz4/_setup.yml:7 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_default.yml **************************************************** 1 plays in /tmp/tmpgln9hoz4/tests/tests_default.yml PLAY [Ensure that the role runs with default parameters] *********************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_default.yml:2 ok: [/cache/fedora-32.qcow2] META: ran handlers TASK [linux-system-roles.vpn : set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/main.yml:3 included: /tmp/tmpgln9hoz4/tasks/set_vars.yml for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure required packages are installed] ********* task path: /tmp/tmpgln9hoz4/tasks/main.yml:6 changed: [/cache/fedora-32.qcow2] => {"changed": true, "msg": "", "rc": 0, "results": ["Installed: nss-3.62.0-1.fc32.x86_64", "Installed: ldns-1.7.0-29.fc32.x86_64", "Installed: nss-softokn-3.62.0-1.fc32.x86_64", "Installed: nss-softokn-freebl-3.62.0-1.fc32.x86_64", "Installed: nss-sysinit-3.62.0-1.fc32.x86_64", "Installed: nss-tools-3.62.0-1.fc32.x86_64", "Installed: libreswan-4.2-1.fc32.x86_64", "Installed: nss-util-3.62.0-1.fc32.x86_64", "Installed: nspr-4.29.0-1.fc32.x86_64"]} TASK [linux-system-roles.vpn : Enforce default auth method as needed] ********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:14 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": []}, "changed": false} TASK [linux-system-roles.vpn : Make sure that the hosts list is not empty] ***** task path: /tmp/tmpgln9hoz4/tasks/main.yml:24 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure cert_names are populated when auth_method is cert] *** task path: /tmp/tmpgln9hoz4/tasks/main.yml:38 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : generate psks] ********************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:64 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : set psks for hosts] ***************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:99 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : create ipsec.conf files] ************************ task path: /tmp/tmpgln9hoz4/tasks/main.yml:123 TASK [linux-system-roles.vpn : check if secrets file already exists] *********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:131 TASK [linux-system-roles.vpn : create ipsec.secrets files] ********************* task path: /tmp/tmpgln9hoz4/tasks/main.yml:137 TASK [linux-system-roles.vpn : build opportunistic configuration] ************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:147 META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=8 changed=1 unreachable=0 failed=0 skipped=7 rescued=0 ignored=0 + cd /tmp/tmpgln9hoz4/tests; TEST_SUBJECTS=/cache/fedora-32.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_vpn-26-5af7836-fedora-32-jdd4e8pp/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpgln9hoz4/_setup.yml /tmp/tmpgln9hoz4/tests/tests_defaults_vars.yml ansible-playbook 2.9.18 config file = /etc/ansible/ansible.cfg configured module search path = ['/home/tester/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.8/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 3.8.7 (default, Jan 20 2021, 00:00:00) [GCC 10.2.1 20201125 (Red Hat 10.2.1-9)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpgln9hoz4/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpgln9hoz4/_setup.yml:5 ok: [/cache/fedora-32.qcow2] => { "groups": { "all": [ "/cache/fedora-32.qcow2" ], "localhost": [ "/cache/fedora-32.qcow2" ], "subjects": [ "/cache/fedora-32.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpgln9hoz4/_setup.yml:7 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_defaults_vars.yml ********************************************** 1 plays in /tmp/tmpgln9hoz4/tests/tests_defaults_vars.yml PLAY [Ensure that the role declares all parameters in defaults] **************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_defaults_vars.yml:2 ok: [/cache/fedora-32.qcow2] META: ran handlers TASK [include_role : linux-system-roles.vpn] *********************************** task path: /tmp/tmpgln9hoz4/tests/tests_defaults_vars.yml:7 TASK [linux-system-roles.vpn : set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/main.yml:3 included: /tmp/tmpgln9hoz4/tasks/set_vars.yml for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure required packages are installed] ********* task path: /tmp/tmpgln9hoz4/tasks/main.yml:6 changed: [/cache/fedora-32.qcow2] => {"changed": true, "msg": "", "rc": 0, "results": ["Installed: nss-3.62.0-1.fc32.x86_64", "Installed: ldns-1.7.0-29.fc32.x86_64", "Installed: nss-softokn-3.62.0-1.fc32.x86_64", "Installed: nss-softokn-freebl-3.62.0-1.fc32.x86_64", "Installed: nss-sysinit-3.62.0-1.fc32.x86_64", "Installed: nss-tools-3.62.0-1.fc32.x86_64", "Installed: libreswan-4.2-1.fc32.x86_64", "Installed: nss-util-3.62.0-1.fc32.x86_64", "Installed: nspr-4.29.0-1.fc32.x86_64"]} TASK [linux-system-roles.vpn : Enforce default auth method as needed] ********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:14 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": []}, "changed": false} TASK [linux-system-roles.vpn : Make sure that the hosts list is not empty] ***** task path: /tmp/tmpgln9hoz4/tasks/main.yml:24 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure cert_names are populated when auth_method is cert] *** task path: /tmp/tmpgln9hoz4/tasks/main.yml:38 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : generate psks] ********************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:64 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : set psks for hosts] ***************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:99 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : create ipsec.conf files] ************************ task path: /tmp/tmpgln9hoz4/tasks/main.yml:123 TASK [linux-system-roles.vpn : check if secrets file already exists] *********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:131 TASK [linux-system-roles.vpn : create ipsec.secrets files] ********************* task path: /tmp/tmpgln9hoz4/tasks/main.yml:137 TASK [linux-system-roles.vpn : build opportunistic configuration] ************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:147 TASK [Assert that the role declares all parameters in defaults] **************** task path: /tmp/tmpgln9hoz4/tests/tests_defaults_vars.yml:10 ok: [/cache/fedora-32.qcow2] => (item=vpn_provider) => { "ansible_loop_var": "item", "changed": false, "item": "vpn_provider", "msg": "All assertions passed" } ok: [/cache/fedora-32.qcow2] => (item=vpn_auth_method) => { "ansible_loop_var": "item", "changed": false, "item": "vpn_auth_method", "msg": "All assertions passed" } ok: [/cache/fedora-32.qcow2] => (item=vpn_regen_keys) => { "ansible_loop_var": "item", "changed": false, "item": "vpn_regen_keys", "msg": "All assertions passed" } ok: [/cache/fedora-32.qcow2] => (item=vpn_connections) => { "ansible_loop_var": "item", "changed": false, "item": "vpn_connections", "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=9 changed=1 unreachable=0 failed=0 skipped=7 rescued=0 ignored=0 + cd /tmp/tmpgln9hoz4/tests; TEST_SUBJECTS=/cache/fedora-32.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_vpn-26-5af7836-fedora-32-jdd4e8pp/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpgln9hoz4/_setup.yml /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml ansible-playbook 2.9.18 config file = /etc/ansible/ansible.cfg configured module search path = ['/home/tester/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.8/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 3.8.7 (default, Jan 20 2021, 00:00:00) [GCC 10.2.1 20201125 (Red Hat 10.2.1-9)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpgln9hoz4/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpgln9hoz4/_setup.yml:5 ok: [/cache/fedora-32.qcow2] => { "groups": { "all": [ "/cache/fedora-32.qcow2" ], "localhost": [ "/cache/fedora-32.qcow2" ], "subjects": [ "/cache/fedora-32.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpgln9hoz4/_setup.yml:7 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_host_to_host_cert.yml ****************************************** 1 plays in /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:3 ok: [/cache/fedora-32.qcow2] META: ran handlers TASK [Set up test environment] ************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:13 included: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml for /cache/fedora-32.qcow2 TASK [Set platform/version specific variables] ********************************* task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [Change inventory_hostname] *********************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:10 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"inventory_hostname": "mainhost.local"}, "changed": false} TASK [add dummy main host] ***************************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:16 creating host via 'add_host': hostname=mainhost.local changed: [/cache/fedora-32.qcow2] => {"add_host": {"groups": [], "host_name": "mainhost.local", "host_vars": {}}, "changed": true} TASK [Create nss directory for testing] **************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:22 changed: [/cache/fedora-32.qcow2] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/var/lib/ipsec/nss", "secontext": "unconfined_u:object_r:var_lib_t:s0", "size": 4096, "state": "directory", "uid": 0} TASK [Create /etc/ipsec.d directory for testing] ******************************* task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:28 changed: [/cache/fedora-32.qcow2] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/etc/ipsec.d", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 4096, "state": "directory", "uid": 0} TASK [Dynamically add more hosts] ********************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:34 included: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml for /cache/fedora-32.qcow2 TASK [dynamically add multiple hosts for testing] ****************************** task path: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml:2 creating host via 'add_host': hostname=host01.local changed: [/cache/fedora-32.qcow2] => (item=1) => {"add_host": {"groups": ["testing"], "host_name": "host01.local", "host_vars": {"cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16"}}, "ansible_loop_var": "item", "changed": true, "item": 1} creating host via 'add_host': hostname=host02.local changed: [/cache/fedora-32.qcow2] => (item=2) => {"add_host": {"groups": ["testing"], "host_name": "host02.local", "host_vars": {"cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16"}}, "ansible_loop_var": "item", "changed": true, "item": 2} TASK [create mock vpn_connections] ********************************************* task path: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml:11 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"hosts": {"host01.local": "", "host02.local": "", "mainhost.local": ""}}]}, "changed": false} TASK [Create dummy policies directory for testing] ***************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:39 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:45 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:51 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:57 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Add cert options to check] *********************************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:19 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"auth_method": "cert", "auto": "start", "hosts": {"host01.local": {"cert_name": "cert2"}, "host02.local": {"cert_name": "cert3"}, "mainhost.local": {"cert_name": "cert1"}}}]}, "changed": false} TASK [Save certname for main host] ********************************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:32 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"__vpn_main_certname": "cert1"}, "changed": false} TASK [Use vpn role] ************************************************************ task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:36 TASK [linux-system-roles.vpn : set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/main.yml:3 included: /tmp/tmpgln9hoz4/tasks/set_vars.yml for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure required packages are installed] ********* task path: /tmp/tmpgln9hoz4/tasks/main.yml:6 changed: [/cache/fedora-32.qcow2] => {"changed": true, "msg": "", "rc": 0, "results": ["Installed: nss-3.62.0-1.fc32.x86_64", "Installed: ldns-1.7.0-29.fc32.x86_64", "Installed: nss-softokn-3.62.0-1.fc32.x86_64", "Installed: nss-softokn-freebl-3.62.0-1.fc32.x86_64", "Installed: nss-sysinit-3.62.0-1.fc32.x86_64", "Installed: nss-tools-3.62.0-1.fc32.x86_64", "Installed: libreswan-4.2-1.fc32.x86_64", "Installed: nss-util-3.62.0-1.fc32.x86_64", "Installed: nspr-4.29.0-1.fc32.x86_64"]} TASK [linux-system-roles.vpn : Enforce default auth method as needed] ********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:14 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"auth_method": "cert", "auto": "start", "hosts": {"host01.local": {"cert_name": "cert2"}, "host02.local": {"cert_name": "cert3"}, "mainhost.local": {"cert_name": "cert1"}}}]}, "changed": false} TASK [linux-system-roles.vpn : Make sure that the hosts list is not empty] ***** task path: /tmp/tmpgln9hoz4/tasks/main.yml:24 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure cert_names are populated when auth_method is cert] *** task path: /tmp/tmpgln9hoz4/tasks/main.yml:38 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : generate psks] ********************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:64 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : set psks for hosts] ***************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:99 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : create ipsec.conf files] ************************ task path: /tmp/tmpgln9hoz4/tasks/main.yml:123 changed: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": true, "checksum": "13bde0c9ba4bd4b0ecbf7eebc492a526c3aa2e2d", "dest": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "gid": 0, "group": "root", "item": "host01.local", "md5sum": "f4a9bcc65f3588478523d3bc83424d91", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 214, "src": "/root/.ansible/tmp/ansible-tmp-1618263759.974511-109780-32720454980350/source", "state": "file", "uid": 0} changed: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": true, "checksum": "0e5371e9749e22deb4b351fe1a7612f02321158d", "dest": "/etc/ipsec.d/mainhost.local-to-host02.local.conf", "gid": 0, "group": "root", "item": "host02.local", "md5sum": "54434f82b346697325e6cef42ed1629a", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 214, "src": "/root/.ansible/tmp/ansible-tmp-1618263760.8581426-109780-276082790150020/source", "state": "file", "uid": 0} NOTIFIED HANDLER linux-system-roles.vpn : restart vpn service and wait for ssh conn to return for /cache/fedora-32.qcow2 NOTIFIED HANDLER linux-system-roles.vpn : restart vpn service and wait for ssh conn to return for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : check if secrets file already exists] *********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:131 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": {"exists": false}} ok: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": false, "item": "host02.local", "stat": {"exists": false}} TASK [linux-system-roles.vpn : create ipsec.secrets files] ********************* task path: /tmp/tmpgln9hoz4/tasks/main.yml:137 changed: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': False}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => {"ansible_loop_var": "item", "changed": true, "checksum": "0ad8af97632026e45588f8ed74eda2c591cff136", "dest": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "gid": 0, "group": "root", "item": {"ansible_loop_var": "item", "changed": false, "failed": false, "invocation": {"module_args": {"checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets"}}, "item": "host01.local", "stat": {"exists": false}}, "md5sum": "6e2eb5daebb03874c57ade6d81fb9ffd", "mode": "0600", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 44, "src": "/root/.ansible/tmp/ansible-tmp-1618263762.2093909-109862-165429913659957/source", "state": "file", "uid": 0} changed: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': False}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => {"ansible_loop_var": "item", "changed": true, "checksum": "80f0615c006cacafb3c136dbdc318f5a19b0df16", "dest": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets", "gid": 0, "group": "root", "item": {"ansible_loop_var": "item", "changed": false, "failed": false, "invocation": {"module_args": {"checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets"}}, "item": "host02.local", "stat": {"exists": false}}, "md5sum": "fd37310f8d3a976b2501b8802679f1d8", "mode": "0600", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 44, "src": "/root/.ansible/tmp/ansible-tmp-1618263762.837584-109862-78752097016692/source", "state": "file", "uid": 0} TASK [linux-system-roles.vpn : build opportunistic configuration] ************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:147 skipping: [/cache/fedora-32.qcow2] => (item={'hosts': {'mainhost.local': {'cert_name': 'cert1'}, 'host01.local': {'cert_name': 'cert2'}, 'host02.local': {'cert_name': 'cert3'}}, 'auth_method': 'cert', 'auto': 'start'}) => {"ansible_loop_var": "conn", "changed": false, "conn": {"auth_method": "cert", "auto": "start", "hosts": {"host01.local": {"cert_name": "cert2"}, "host02.local": {"cert_name": "cert3"}, "mainhost.local": {"cert_name": "cert1"}}}, "skip_reason": "Conditional result was False"} TASK [Assert file existence] *************************************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:40 included: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml for /cache/fedora-32.qcow2 TASK [stat conf files paths] *************************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:2 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": {"atime": 1618263760.171898, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "13bde0c9ba4bd4b0ecbf7eebc492a526c3aa2e2d", "ctime": 1618263760.1758978, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5217, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618263759.807898, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 214, "uid": 0, "version": "836727473", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} ok: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": false, "item": "host02.local", "stat": {"atime": 1618263760.788898, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "0e5371e9749e22deb4b351fe1a7612f02321158d", "ctime": 1618263760.792898, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5218, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618263760.551898, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 214, "uid": 0, "version": "2154385140", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [stat secrets files paths] ************************************************ task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:8 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": {"atime": 1618263762.144898, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "0ad8af97632026e45588f8ed74eda2c591cff136", "ctime": 1618263762.150898, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5351, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1618263761.9088979, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 44, "uid": 0, "version": "2534351992", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} ok: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": false, "item": "host02.local", "stat": {"atime": 1618263762.821898, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "80f0615c006cacafb3c136dbdc318f5a19b0df16", "ctime": 1618263762.827898, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5414, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1618263762.5568979, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 44, "uid": 0, "version": "4091665386", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Assert that ipsec.conf and secrets files exist] ************************** task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:14 ok: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 214, 'inode': 5217, 'dev': 64513, 'nlink': 1, 'atime': 1618263760.171898, 'mtime': 1618263759.807898, 'ctime': 1618263760.1758978, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': '13bde0c9ba4bd4b0ecbf7eebc492a526c3aa2e2d', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '836727473', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf" } }, "item": "host01.local", "stat": { "atime": 1618263760.171898, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "13bde0c9ba4bd4b0ecbf7eebc492a526c3aa2e2d", "ctime": 1618263760.1758978, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5217, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618263759.807898, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 214, "uid": 0, "version": "836727473", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } }, "msg": "All assertions passed" } ok: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host02.local.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 214, 'inode': 5218, 'dev': 64513, 'nlink': 1, 'atime': 1618263760.788898, 'mtime': 1618263760.551898, 'ctime': 1618263760.792898, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': '0e5371e9749e22deb4b351fe1a7612f02321158d', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '2154385140', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host02.local.conf', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.conf" } }, "item": "host02.local", "stat": { "atime": 1618263760.788898, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "0e5371e9749e22deb4b351fe1a7612f02321158d", "ctime": 1618263760.792898, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5218, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618263760.551898, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 214, "uid": 0, "version": "2154385140", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } }, "msg": "All assertions passed" } TASK [Assert that ipsec.conf and secrets files exist] ************************** task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:20 ok: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'mode': '0600', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 44, 'inode': 5351, 'dev': 64513, 'nlink': 1, 'atime': 1618263762.144898, 'mtime': 1618263761.9088979, 'ctime': 1618263762.150898, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': False, 'xgrp': False, 'woth': False, 'roth': False, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': '0ad8af97632026e45588f8ed74eda2c591cff136', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '2534351992', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets" } }, "item": "host01.local", "stat": { "atime": 1618263762.144898, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "0ad8af97632026e45588f8ed74eda2c591cff136", "ctime": 1618263762.150898, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5351, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1618263761.9088979, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 44, "uid": 0, "version": "2534351992", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } }, "msg": "All assertions passed" } ok: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'mode': '0600', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 44, 'inode': 5414, 'dev': 64513, 'nlink': 1, 'atime': 1618263762.821898, 'mtime': 1618263762.5568979, 'ctime': 1618263762.827898, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': False, 'xgrp': False, 'woth': False, 'roth': False, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': '80f0615c006cacafb3c136dbdc318f5a19b0df16', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '4091665386', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets" } }, "item": "host02.local", "stat": { "atime": 1618263762.821898, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "80f0615c006cacafb3c136dbdc318f5a19b0df16", "ctime": 1618263762.827898, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5414, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1618263762.5568979, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 44, "uid": 0, "version": "4091665386", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } }, "msg": "All assertions passed" } TASK [reset success flag] ****************************************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:43 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"__vpn_success": true}, "changed": false} TASK [get and store conf files] ************************************************ task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:47 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "content": "Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==", "encoding": "base64", "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.conf"} ok: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": false, "content": "Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDIubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMi5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==", "encoding": "base64", "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.conf"} TASK [check that conf file contains correct information] *********************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:53 skipping: [/cache/fedora-32.qcow2] => (item={'content': 'Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==', 'source': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host01.local.conf'}}, 'failed': False, 'changed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => {"ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 0, "item": {"ansible_loop_var": "item", "changed": false, "content": "Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==", "encoding": "base64", "failed": false, "invocation": {"module_args": {"src": "/etc/ipsec.d/mainhost.local-to-host01.local.conf"}}, "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.conf"}, "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item={'content': 'Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDIubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMi5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==', 'source': '/etc/ipsec.d/mainhost.local-to-host02.local.conf', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host02.local.conf'}}, 'failed': False, 'changed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => {"ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 1, "item": {"ansible_loop_var": "item", "changed": false, "content": "Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDIubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMi5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==", "encoding": "base64", "failed": false, "invocation": {"module_args": {"src": "/etc/ipsec.d/mainhost.local-to-host02.local.conf"}}, "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.conf"}, "skip_reason": "Conditional result was False"} TASK [assert success for conf files] ******************************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:79 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } TASK [get and store secrets files] ********************************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:84 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "content": "QG1haW5ob3N0LmxvY2FsIEBob3N0MDEubG9jYWwgOiBSU0EgImNlcnQxIgo=", "encoding": "base64", "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets"} ok: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": false, "content": "QG1haW5ob3N0LmxvY2FsIEBob3N0MDIubG9jYWwgOiBSU0EgImNlcnQxIgo=", "encoding": "base64", "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets"} TASK [check that secrets file contains correct information] ******************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:90 skipping: [/cache/fedora-32.qcow2] => (item={'content': 'QG1haW5ob3N0LmxvY2FsIEBob3N0MDEubG9jYWwgOiBSU0EgImNlcnQxIgo=', 'source': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets'}}, 'failed': False, 'changed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => {"ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 0, "item": {"ansible_loop_var": "item", "changed": false, "content": "QG1haW5ob3N0LmxvY2FsIEBob3N0MDEubG9jYWwgOiBSU0EgImNlcnQxIgo=", "encoding": "base64", "failed": false, "invocation": {"module_args": {"src": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets"}}, "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets"}, "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item={'content': 'QG1haW5ob3N0LmxvY2FsIEBob3N0MDIubG9jYWwgOiBSU0EgImNlcnQxIgo=', 'source': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets'}}, 'failed': False, 'changed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => {"ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 1, "item": {"ansible_loop_var": "item", "changed": false, "content": "QG1haW5ob3N0LmxvY2FsIEBob3N0MDIubG9jYWwgOiBSU0EgImNlcnQxIgo=", "encoding": "base64", "failed": false, "invocation": {"module_args": {"src": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets"}}, "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets"}, "skip_reason": "Conditional result was False"} TASK [assert success for secrets files] **************************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_cert.yml:99 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } RUNNING HANDLER [linux-system-roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:2 included: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml for /cache/fedora-32.qcow2 RUNNING HANDLER [linux-system-roles.vpn : enable and restart vpn services] ***** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:2 changed: [/cache/fedora-32.qcow2] => (item=ipsec) => {"ansible_job_id": "414900173126.11412", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/414900173126.11412", "started": 1} RUNNING HANDLER [linux-system-roles.vpn : Wait for ssh connection to return] *** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:11 ok: [/cache/fedora-32.qcow2] => {"changed": false, "elapsed": 3, "match_groupdict": {}, "match_groups": [], "path": null, "port": 22, "search_regex": null, "state": "started"} RUNNING HANDLER [linux-system-roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:2 included: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml for /cache/fedora-32.qcow2 RUNNING HANDLER [linux-system-roles.vpn : enable and restart vpn services] ***** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:2 changed: [/cache/fedora-32.qcow2] => (item=ipsec) => {"ansible_job_id": "613152075520.11852", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/613152075520.11852", "started": 1} RUNNING HANDLER [linux-system-roles.vpn : Wait for ssh connection to return] *** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:11 ok: [/cache/fedora-32.qcow2] => {"changed": false, "elapsed": 3, "match_groupdict": {}, "match_groups": [], "path": null, "port": 22, "search_regex": null, "state": "started"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=38 changed=9 unreachable=0 failed=0 skipped=10 rescued=0 ignored=0 + cd /tmp/tmpgln9hoz4/tests; TEST_SUBJECTS=/cache/fedora-32.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_vpn-26-5af7836-fedora-32-jdd4e8pp/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpgln9hoz4/_setup.yml /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml ansible-playbook 2.9.18 config file = /etc/ansible/ansible.cfg configured module search path = ['/home/tester/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.8/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 3.8.7 (default, Jan 20 2021, 00:00:00) [GCC 10.2.1 20201125 (Red Hat 10.2.1-9)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpgln9hoz4/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpgln9hoz4/_setup.yml:5 ok: [/cache/fedora-32.qcow2] => { "groups": { "all": [ "/cache/fedora-32.qcow2" ], "localhost": [ "/cache/fedora-32.qcow2" ], "subjects": [ "/cache/fedora-32.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpgln9hoz4/_setup.yml:7 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_host_to_host_psk.yml ******************************************* 1 plays in /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:2 ok: [/cache/fedora-32.qcow2] META: ran handlers TASK [Set up test environment] ************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:12 included: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml for /cache/fedora-32.qcow2 TASK [Set platform/version specific variables] ********************************* task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [Change inventory_hostname] *********************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:10 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"inventory_hostname": "mainhost.local"}, "changed": false} TASK [add dummy main host] ***************************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:16 creating host via 'add_host': hostname=mainhost.local changed: [/cache/fedora-32.qcow2] => {"add_host": {"groups": [], "host_name": "mainhost.local", "host_vars": {}}, "changed": true} TASK [Create nss directory for testing] **************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:22 changed: [/cache/fedora-32.qcow2] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/var/lib/ipsec/nss", "secontext": "unconfined_u:object_r:var_lib_t:s0", "size": 4096, "state": "directory", "uid": 0} TASK [Create /etc/ipsec.d directory for testing] ******************************* task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:28 changed: [/cache/fedora-32.qcow2] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/etc/ipsec.d", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 4096, "state": "directory", "uid": 0} TASK [Dynamically add more hosts] ********************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:34 included: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml for /cache/fedora-32.qcow2 TASK [dynamically add multiple hosts for testing] ****************************** task path: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml:2 creating host via 'add_host': hostname=host01.local changed: [/cache/fedora-32.qcow2] => (item=1) => {"add_host": {"groups": ["testing"], "host_name": "host01.local", "host_vars": {"cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16"}}, "ansible_loop_var": "item", "changed": true, "item": 1} creating host via 'add_host': hostname=host02.local changed: [/cache/fedora-32.qcow2] => (item=2) => {"add_host": {"groups": ["testing"], "host_name": "host02.local", "host_vars": {"cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16"}}, "ansible_loop_var": "item", "changed": true, "item": 2} TASK [create mock vpn_connections] ********************************************* task path: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml:11 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"hosts": {"host01.local": "", "host02.local": "", "mainhost.local": ""}}]}, "changed": false} TASK [Create dummy policies directory for testing] ***************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:39 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:45 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:51 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:57 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Add extra options to check] ********************************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:18 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"auto": "start", "hosts": {"host01.local": "", "host02.local": "", "mainhost.local": ""}}]}, "changed": false} TASK [Use vpn role] ************************************************************ task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:26 TASK [linux-system-roles.vpn : set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/main.yml:3 included: /tmp/tmpgln9hoz4/tasks/set_vars.yml for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure required packages are installed] ********* task path: /tmp/tmpgln9hoz4/tasks/main.yml:6 changed: [/cache/fedora-32.qcow2] => {"changed": true, "msg": "", "rc": 0, "results": ["Installed: nss-3.62.0-1.fc32.x86_64", "Installed: ldns-1.7.0-29.fc32.x86_64", "Installed: nss-softokn-3.62.0-1.fc32.x86_64", "Installed: nss-softokn-freebl-3.62.0-1.fc32.x86_64", "Installed: nss-sysinit-3.62.0-1.fc32.x86_64", "Installed: nss-tools-3.62.0-1.fc32.x86_64", "Installed: libreswan-4.2-1.fc32.x86_64", "Installed: nss-util-3.62.0-1.fc32.x86_64", "Installed: nspr-4.29.0-1.fc32.x86_64"]} TASK [linux-system-roles.vpn : Enforce default auth method as needed] ********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:14 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"auth_method": "psk", "auto": "start", "hosts": {"host01.local": "", "host02.local": "", "mainhost.local": ""}}]}, "changed": false} TASK [linux-system-roles.vpn : Make sure that the hosts list is not empty] ***** task path: /tmp/tmpgln9hoz4/tasks/main.yml:24 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure cert_names are populated when auth_method is cert] *** task path: /tmp/tmpgln9hoz4/tasks/main.yml:38 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : generate psks] ********************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:64 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : set psks for hosts] ***************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:99 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : create ipsec.conf files] ************************ task path: /tmp/tmpgln9hoz4/tasks/main.yml:123 changed: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": true, "checksum": "71eaa17ed61c1436a9794a85624f07ad070bfd72", "dest": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "gid": 0, "group": "root", "item": "host01.local", "md5sum": "8f485ada004df19622c7aa3b9cf0afb5", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 172, "src": "/root/.ansible/tmp/ansible-tmp-1618263829.9702804-110327-167291717880040/source", "state": "file", "uid": 0} changed: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": true, "checksum": "d3a946d2036965738c97e14f5af4e15077210a2e", "dest": "/etc/ipsec.d/mainhost.local-to-host02.local.conf", "gid": 0, "group": "root", "item": "host02.local", "md5sum": "d3afb92c39a6685a848a4cc7d47f7d12", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 172, "src": "/root/.ansible/tmp/ansible-tmp-1618263830.8784742-110327-25599433917145/source", "state": "file", "uid": 0} NOTIFIED HANDLER linux-system-roles.vpn : restart vpn service and wait for ssh conn to return for /cache/fedora-32.qcow2 NOTIFIED HANDLER linux-system-roles.vpn : restart vpn service and wait for ssh conn to return for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : check if secrets file already exists] *********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:131 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": {"exists": false}} ok: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": false, "item": "host02.local", "stat": {"exists": false}} TASK [linux-system-roles.vpn : create ipsec.secrets files] ********************* task path: /tmp/tmpgln9hoz4/tasks/main.yml:137 changed: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': False}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => {"ansible_loop_var": "item", "changed": true, "checksum": "02a1c4c7582b4c6e98f0fc4dbd5bb4cfd27a6df9", "dest": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "gid": 0, "group": "root", "item": {"ansible_loop_var": "item", "changed": false, "failed": false, "invocation": {"module_args": {"checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets"}}, "item": "host01.local", "stat": {"exists": false}}, "md5sum": "d3c38ee99d78dd25a4d331f533e0711d", "mode": "0600", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 103, "src": "/root/.ansible/tmp/ansible-tmp-1618263832.2753282-110409-250792309027548/source", "state": "file", "uid": 0} changed: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': False}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => {"ansible_loop_var": "item", "changed": true, "checksum": "e48030357b3d4b07c01fbc57ec5b4169818179f5", "dest": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets", "gid": 0, "group": "root", "item": {"ansible_loop_var": "item", "changed": false, "failed": false, "invocation": {"module_args": {"checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets"}}, "item": "host02.local", "stat": {"exists": false}}, "md5sum": "e29d5db5a9546cb53a8b7c05b29bc6f3", "mode": "0600", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 103, "src": "/root/.ansible/tmp/ansible-tmp-1618263832.9346297-110409-272409399127431/source", "state": "file", "uid": 0} TASK [linux-system-roles.vpn : build opportunistic configuration] ************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:147 skipping: [/cache/fedora-32.qcow2] => (item={'hosts': {'mainhost.local': '', 'host01.local': '', 'host02.local': ''}, 'auto': 'start', 'auth_method': 'psk'}) => {"ansible_loop_var": "conn", "changed": false, "conn": {"auth_method": "psk", "auto": "start", "hosts": {"host01.local": "", "host02.local": "", "mainhost.local": ""}}, "skip_reason": "Conditional result was False"} TASK [Assert file existence] *************************************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:30 included: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml for /cache/fedora-32.qcow2 TASK [stat conf files paths] *************************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:2 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": {"atime": 1618263830.3061552, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "71eaa17ed61c1436a9794a85624f07ad070bfd72", "ctime": 1618263830.3101554, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5217, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618263829.9411552, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 172, "uid": 0, "version": "105627357", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} ok: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": false, "item": "host02.local", "stat": {"atime": 1618263830.9481554, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d3a946d2036965738c97e14f5af4e15077210a2e", "ctime": 1618263830.9531553, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5218, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618263830.6891553, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 172, "uid": 0, "version": "3819168383", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [stat secrets files paths] ************************************************ task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:8 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": {"atime": 1618263832.3511553, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "02a1c4c7582b4c6e98f0fc4dbd5bb4cfd27a6df9", "ctime": 1618263832.3571553, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5363, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1618263832.0961554, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 103, "uid": 0, "version": "4227653025", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} ok: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": false, "item": "host02.local", "stat": {"atime": 1618263833.0141554, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "e48030357b3d4b07c01fbc57ec5b4169818179f5", "ctime": 1618263833.0211554, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5405, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1618263832.7591553, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 103, "uid": 0, "version": "1670771741", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Assert that ipsec.conf and secrets files exist] ************************** task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:14 ok: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 172, 'inode': 5217, 'dev': 64513, 'nlink': 1, 'atime': 1618263830.3061552, 'mtime': 1618263829.9411552, 'ctime': 1618263830.3101554, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': '71eaa17ed61c1436a9794a85624f07ad070bfd72', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '105627357', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf" } }, "item": "host01.local", "stat": { "atime": 1618263830.3061552, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "71eaa17ed61c1436a9794a85624f07ad070bfd72", "ctime": 1618263830.3101554, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5217, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618263829.9411552, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 172, "uid": 0, "version": "105627357", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } }, "msg": "All assertions passed" } ok: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host02.local.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 172, 'inode': 5218, 'dev': 64513, 'nlink': 1, 'atime': 1618263830.9481554, 'mtime': 1618263830.6891553, 'ctime': 1618263830.9531553, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': 'd3a946d2036965738c97e14f5af4e15077210a2e', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '3819168383', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host02.local.conf', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.conf" } }, "item": "host02.local", "stat": { "atime": 1618263830.9481554, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d3a946d2036965738c97e14f5af4e15077210a2e", "ctime": 1618263830.9531553, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5218, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618263830.6891553, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 172, "uid": 0, "version": "3819168383", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } }, "msg": "All assertions passed" } TASK [Assert that ipsec.conf and secrets files exist] ************************** task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:20 ok: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'mode': '0600', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 103, 'inode': 5363, 'dev': 64513, 'nlink': 1, 'atime': 1618263832.3511553, 'mtime': 1618263832.0961554, 'ctime': 1618263832.3571553, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': False, 'xgrp': False, 'woth': False, 'roth': False, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': '02a1c4c7582b4c6e98f0fc4dbd5bb4cfd27a6df9', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '4227653025', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets" } }, "item": "host01.local", "stat": { "atime": 1618263832.3511553, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "02a1c4c7582b4c6e98f0fc4dbd5bb4cfd27a6df9", "ctime": 1618263832.3571553, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5363, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1618263832.0961554, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 103, "uid": 0, "version": "4227653025", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } }, "msg": "All assertions passed" } ok: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'mode': '0600', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 103, 'inode': 5405, 'dev': 64513, 'nlink': 1, 'atime': 1618263833.0141554, 'mtime': 1618263832.7591553, 'ctime': 1618263833.0211554, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': False, 'xgrp': False, 'woth': False, 'roth': False, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': 'e48030357b3d4b07c01fbc57ec5b4169818179f5', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '1670771741', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets" } }, "item": "host02.local", "stat": { "atime": 1618263833.0141554, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "e48030357b3d4b07c01fbc57ec5b4169818179f5", "ctime": 1618263833.0211554, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5405, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1618263832.7591553, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 103, "uid": 0, "version": "1670771741", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } }, "msg": "All assertions passed" } TASK [reset success flag] ****************************************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:33 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"__vpn_success": true}, "changed": false} TASK [get and store conf files] ************************************************ task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:37 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "content": "Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIHJpZ2h0aWQ9QGhvc3QwMS5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICBhdXRoYnk9c2VjcmV0Cg==", "encoding": "base64", "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.conf"} ok: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": false, "content": "Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDIubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMi5sb2NhbAogIHJpZ2h0aWQ9QGhvc3QwMi5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICBhdXRoYnk9c2VjcmV0Cg==", "encoding": "base64", "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.conf"} TASK [check that conf file contains correct information] *********************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:43 skipping: [/cache/fedora-32.qcow2] => (item={'content': 'Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIHJpZ2h0aWQ9QGhvc3QwMS5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICBhdXRoYnk9c2VjcmV0Cg==', 'source': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host01.local.conf'}}, 'failed': False, 'changed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => {"ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 0, "item": {"ansible_loop_var": "item", "changed": false, "content": "Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIHJpZ2h0aWQ9QGhvc3QwMS5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICBhdXRoYnk9c2VjcmV0Cg==", "encoding": "base64", "failed": false, "invocation": {"module_args": {"src": "/etc/ipsec.d/mainhost.local-to-host01.local.conf"}}, "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.conf"}, "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item={'content': 'Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDIubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMi5sb2NhbAogIHJpZ2h0aWQ9QGhvc3QwMi5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICBhdXRoYnk9c2VjcmV0Cg==', 'source': '/etc/ipsec.d/mainhost.local-to-host02.local.conf', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host02.local.conf'}}, 'failed': False, 'changed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => {"ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 1, "item": {"ansible_loop_var": "item", "changed": false, "content": "Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDIubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMi5sb2NhbAogIHJpZ2h0aWQ9QGhvc3QwMi5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICBhdXRoYnk9c2VjcmV0Cg==", "encoding": "base64", "failed": false, "invocation": {"module_args": {"src": "/etc/ipsec.d/mainhost.local-to-host02.local.conf"}}, "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.conf"}, "skip_reason": "Conditional result was False"} TASK [assert success for conf files] ******************************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:65 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } TASK [get and store secrets files] ********************************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:70 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "content": "QG1haW5ob3N0LmxvY2FsIEBob3N0MDEubG9jYWwgOiBQU0sgImxWaDhVQ2hqbGVieTNEMFR5Y2V6U1pVOXVtZ2pzcExkSFJSeGhkaU9TV3dpM3daeDJYT3JqR2tzV2x0QU40OTIiCg==", "encoding": "base64", "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets"} ok: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": false, "content": "QG1haW5ob3N0LmxvY2FsIEBob3N0MDIubG9jYWwgOiBQU0sgIjg3SnhXbSs1bFZYWXJtemlQVzlnaTlRaERsMVh4Wjl5S0xiWHk3T0xoVmxzYUpUM20zTEhaNzh5NnNZeG5Sc20iCg==", "encoding": "base64", "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets"} TASK [check that secrets file contains correct information] ******************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:76 skipping: [/cache/fedora-32.qcow2] => (item={'content': 'QG1haW5ob3N0LmxvY2FsIEBob3N0MDEubG9jYWwgOiBQU0sgImxWaDhVQ2hqbGVieTNEMFR5Y2V6U1pVOXVtZ2pzcExkSFJSeGhkaU9TV3dpM3daeDJYT3JqR2tzV2x0QU40OTIiCg==', 'source': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets'}}, 'failed': False, 'changed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => {"ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 0, "item": {"ansible_loop_var": "item", "changed": false, "content": "QG1haW5ob3N0LmxvY2FsIEBob3N0MDEubG9jYWwgOiBQU0sgImxWaDhVQ2hqbGVieTNEMFR5Y2V6U1pVOXVtZ2pzcExkSFJSeGhkaU9TV3dpM3daeDJYT3JqR2tzV2x0QU40OTIiCg==", "encoding": "base64", "failed": false, "invocation": {"module_args": {"src": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets"}}, "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets"}, "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item={'content': 'QG1haW5ob3N0LmxvY2FsIEBob3N0MDIubG9jYWwgOiBQU0sgIjg3SnhXbSs1bFZYWXJtemlQVzlnaTlRaERsMVh4Wjl5S0xiWHk3T0xoVmxzYUpUM20zTEhaNzh5NnNZeG5Sc20iCg==', 'source': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets'}}, 'failed': False, 'changed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => {"ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 1, "item": {"ansible_loop_var": "item", "changed": false, "content": "QG1haW5ob3N0LmxvY2FsIEBob3N0MDIubG9jYWwgOiBQU0sgIjg3SnhXbSs1bFZYWXJtemlQVzlnaTlRaERsMVh4Wjl5S0xiWHk3T0xoVmxzYUpUM20zTEhaNzh5NnNZeG5Sc20iCg==", "encoding": "base64", "failed": false, "invocation": {"module_args": {"src": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets"}}, "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets"}, "skip_reason": "Conditional result was False"} TASK [assert success for secrets files] **************************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_host_psk.yml:87 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } RUNNING HANDLER [linux-system-roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:2 included: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml for /cache/fedora-32.qcow2 RUNNING HANDLER [linux-system-roles.vpn : enable and restart vpn services] ***** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:2 changed: [/cache/fedora-32.qcow2] => (item=ipsec) => {"ansible_job_id": "216804493707.11443", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/216804493707.11443", "started": 1} RUNNING HANDLER [linux-system-roles.vpn : Wait for ssh connection to return] *** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:11 ok: [/cache/fedora-32.qcow2] => {"changed": false, "elapsed": 3, "match_groupdict": {}, "match_groups": [], "path": null, "port": 22, "search_regex": null, "state": "started"} RUNNING HANDLER [linux-system-roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:2 included: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml for /cache/fedora-32.qcow2 RUNNING HANDLER [linux-system-roles.vpn : enable and restart vpn services] ***** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:2 changed: [/cache/fedora-32.qcow2] => (item=ipsec) => {"ansible_job_id": "860965550650.11883", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/860965550650.11883", "started": 1} RUNNING HANDLER [linux-system-roles.vpn : Wait for ssh connection to return] *** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:11 ok: [/cache/fedora-32.qcow2] => {"changed": false, "elapsed": 3, "match_groupdict": {}, "match_groups": [], "path": null, "port": 22, "search_regex": null, "state": "started"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=37 changed=9 unreachable=0 failed=0 skipped=10 rescued=0 ignored=0 + cd /tmp/tmpgln9hoz4/tests; TEST_SUBJECTS=/cache/fedora-32.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_vpn-26-5af7836-fedora-32-jdd4e8pp/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpgln9hoz4/_setup.yml /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml ansible-playbook 2.9.18 config file = /etc/ansible/ansible.cfg configured module search path = ['/home/tester/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.8/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 3.8.7 (default, Jan 20 2021, 00:00:00) [GCC 10.2.1 20201125 (Red Hat 10.2.1-9)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpgln9hoz4/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpgln9hoz4/_setup.yml:5 ok: [/cache/fedora-32.qcow2] => { "groups": { "all": [ "/cache/fedora-32.qcow2" ], "localhost": [ "/cache/fedora-32.qcow2" ], "subjects": [ "/cache/fedora-32.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpgln9hoz4/_setup.yml:7 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_host_to_unmanaged_host.yml ************************************* 1 plays in /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:3 ok: [/cache/fedora-32.qcow2] META: ran handlers TASK [Set up test environment] ************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:15 included: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml for /cache/fedora-32.qcow2 TASK [Set platform/version specific variables] ********************************* task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [Change inventory_hostname] *********************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:10 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"inventory_hostname": "mainhost.local"}, "changed": false} TASK [add dummy main host] ***************************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:16 creating host via 'add_host': hostname=mainhost.local changed: [/cache/fedora-32.qcow2] => {"add_host": {"groups": [], "host_name": "mainhost.local", "host_vars": {}}, "changed": true} TASK [Create nss directory for testing] **************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:22 changed: [/cache/fedora-32.qcow2] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/var/lib/ipsec/nss", "secontext": "unconfined_u:object_r:var_lib_t:s0", "size": 4096, "state": "directory", "uid": 0} TASK [Create /etc/ipsec.d directory for testing] ******************************* task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:28 changed: [/cache/fedora-32.qcow2] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/etc/ipsec.d", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 4096, "state": "directory", "uid": 0} TASK [Dynamically add more hosts] ********************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:34 included: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml for /cache/fedora-32.qcow2 TASK [dynamically add multiple hosts for testing] ****************************** task path: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml:2 creating host via 'add_host': hostname=host01.local changed: [/cache/fedora-32.qcow2] => (item=1) => {"add_host": {"groups": ["testing"], "host_name": "host01.local", "host_vars": {"cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16"}}, "ansible_loop_var": "item", "changed": true, "item": 1} creating host via 'add_host': hostname=host02.local changed: [/cache/fedora-32.qcow2] => (item=2) => {"add_host": {"groups": ["testing"], "host_name": "host02.local", "host_vars": {"cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16"}}, "ansible_loop_var": "item", "changed": true, "item": 2} TASK [create mock vpn_connections] ********************************************* task path: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml:11 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"hosts": {"host01.local": "", "host02.local": "", "mainhost.local": ""}}]}, "changed": false} TASK [Create dummy policies directory for testing] ***************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:39 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:45 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:51 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:57 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Add extra options and unmanaged host] ************************************ task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:21 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"hosts": {"host01.local": "", "host02.local": "", "host03.local": {"hostname": "169.254.1.1"}, "mainhost.local": ""}}]}, "changed": false} TASK [Use vpn role] ************************************************************ task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:30 TASK [linux-system-roles.vpn : set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/main.yml:3 included: /tmp/tmpgln9hoz4/tasks/set_vars.yml for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure required packages are installed] ********* task path: /tmp/tmpgln9hoz4/tasks/main.yml:6 changed: [/cache/fedora-32.qcow2] => {"changed": true, "msg": "", "rc": 0, "results": ["Installed: nss-3.62.0-1.fc32.x86_64", "Installed: ldns-1.7.0-29.fc32.x86_64", "Installed: nss-softokn-3.62.0-1.fc32.x86_64", "Installed: nss-softokn-freebl-3.62.0-1.fc32.x86_64", "Installed: nss-sysinit-3.62.0-1.fc32.x86_64", "Installed: nss-tools-3.62.0-1.fc32.x86_64", "Installed: libreswan-4.2-1.fc32.x86_64", "Installed: nss-util-3.62.0-1.fc32.x86_64", "Installed: nspr-4.29.0-1.fc32.x86_64"]} TASK [linux-system-roles.vpn : Enforce default auth method as needed] ********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:14 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"auth_method": "psk", "hosts": {"host01.local": "", "host02.local": "", "host03.local": {"hostname": "169.254.1.1"}, "mainhost.local": ""}}]}, "changed": false} TASK [linux-system-roles.vpn : Make sure that the hosts list is not empty] ***** task path: /tmp/tmpgln9hoz4/tasks/main.yml:24 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure cert_names are populated when auth_method is cert] *** task path: /tmp/tmpgln9hoz4/tasks/main.yml:38 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : generate psks] ********************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:64 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : set psks for hosts] ***************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:99 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : create ipsec.conf files] ************************ task path: /tmp/tmpgln9hoz4/tasks/main.yml:123 changed: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": true, "checksum": "4e05d12fcaac4da4b2673b0d1f0a715761e827af", "dest": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "gid": 0, "group": "root", "item": "host01.local", "md5sum": "a2065e82c1ee1cd0c00ad16936e04914", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 159, "src": "/root/.ansible/tmp/ansible-tmp-1618263912.804827-110918-21413475891087/source", "state": "file", "uid": 0} changed: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": true, "checksum": "4c39a5b0594cc0c1a7970da3e8048baedf662c8e", "dest": "/etc/ipsec.d/mainhost.local-to-host02.local.conf", "gid": 0, "group": "root", "item": "host02.local", "md5sum": "3c50c10e749507e30124f2cd0ce0c6a6", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 159, "src": "/root/.ansible/tmp/ansible-tmp-1618263913.6812797-110918-31521181861807/source", "state": "file", "uid": 0} changed: [/cache/fedora-32.qcow2] => (item=host03.local) => {"ansible_loop_var": "item", "changed": true, "checksum": "5eb1a4b61fa823d09fd7ae23d9f67450c78fe660", "dest": "/etc/ipsec.d/mainhost.local-to-host03.local.conf", "gid": 0, "group": "root", "item": "host03.local", "md5sum": "a56458819d6ba45251cd824da8ec7952", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 155, "src": "/root/.ansible/tmp/ansible-tmp-1618263914.3466434-110918-203701816092386/source", "state": "file", "uid": 0} NOTIFIED HANDLER linux-system-roles.vpn : restart vpn service and wait for ssh conn to return for /cache/fedora-32.qcow2 NOTIFIED HANDLER linux-system-roles.vpn : restart vpn service and wait for ssh conn to return for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : check if secrets file already exists] *********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:131 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": {"exists": false}} ok: [/cache/fedora-32.qcow2] => (item=host02.local) => {"ansible_loop_var": "item", "changed": false, "item": "host02.local", "stat": {"exists": false}} ok: [/cache/fedora-32.qcow2] => (item=host03.local) => {"ansible_loop_var": "item", "changed": false, "item": "host03.local", "stat": {"exists": false}} TASK [linux-system-roles.vpn : create ipsec.secrets files] ********************* task path: /tmp/tmpgln9hoz4/tasks/main.yml:137 changed: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': False}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => {"ansible_loop_var": "item", "changed": true, "checksum": "376a86bf1f60964c4ca29cfdd8a765c8b5ccbbcc", "dest": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "gid": 0, "group": "root", "item": {"ansible_loop_var": "item", "changed": false, "failed": false, "invocation": {"module_args": {"checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets"}}, "item": "host01.local", "stat": {"exists": false}}, "md5sum": "4177f699f8c3b6043945cbe831844e48", "mode": "0600", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 103, "src": "/root/.ansible/tmp/ansible-tmp-1618263916.0548828-111038-42749099965185/source", "state": "file", "uid": 0} changed: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': False}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => {"ansible_loop_var": "item", "changed": true, "checksum": "5aeea1d8834f11522e5987d66f0db94ddc4f840d", "dest": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets", "gid": 0, "group": "root", "item": {"ansible_loop_var": "item", "changed": false, "failed": false, "invocation": {"module_args": {"checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets"}}, "item": "host02.local", "stat": {"exists": false}}, "md5sum": "9c043883358fdc73ef184acc45d51538", "mode": "0600", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 103, "src": "/root/.ansible/tmp/ansible-tmp-1618263916.6895232-111038-273262423132616/source", "state": "file", "uid": 0} changed: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': False}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host03.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host03.local', 'ansible_loop_var': 'item'}) => {"ansible_loop_var": "item", "changed": true, "checksum": "9699cb6cfbdb1b2e6eb561ee9ec16f9b11c8cc1f", "dest": "/etc/ipsec.d/mainhost.local-to-host03.local.secrets", "gid": 0, "group": "root", "item": {"ansible_loop_var": "item", "changed": false, "failed": false, "invocation": {"module_args": {"checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host03.local.secrets"}}, "item": "host03.local", "stat": {"exists": false}}, "md5sum": "d85e5569c7459b9bd18e76213554a044", "mode": "0600", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 101, "src": "/root/.ansible/tmp/ansible-tmp-1618263917.3144603-111038-26089218264518/source", "state": "file", "uid": 0} TASK [linux-system-roles.vpn : build opportunistic configuration] ************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:147 skipping: [/cache/fedora-32.qcow2] => (item={'hosts': {'mainhost.local': '', 'host01.local': '', 'host02.local': '', 'host03.local': {'hostname': '169.254.1.1'}}, 'auth_method': 'psk'}) => {"ansible_loop_var": "conn", "changed": false, "conn": {"auth_method": "psk", "hosts": {"host01.local": "", "host02.local": "", "host03.local": {"hostname": "169.254.1.1"}, "mainhost.local": ""}}, "skip_reason": "Conditional result was False"} TASK [stat unmanaged host conf file path] ************************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:34 ok: [/cache/fedora-32.qcow2] => {"changed": false, "stat": {"atime": 1618263914.2775, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "5eb1a4b61fa823d09fd7ae23d9f67450c78fe660", "ctime": 1618263914.2814999, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5219, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618263914.0395, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host03.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 155, "uid": 0, "version": "22383721", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Assert existence of unmanaged host conf file] **************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:39 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } TASK [stat unmanaged host secrets file path] *********************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:44 ok: [/cache/fedora-32.qcow2] => {"changed": false, "stat": {"atime": 1618263917.2324998, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "9699cb6cfbdb1b2e6eb561ee9ec16f9b11c8cc1f", "ctime": 1618263917.2384999, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5435, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1618263916.9935, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host03.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 101, "uid": 0, "version": "1040272937", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Assert existence of unmanaged host secrets file] ************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:49 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } TASK [reset success flag] ****************************************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:54 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"__vpn_success": true}, "changed": false} TASK [get and store conf file for unmanaged host] ****************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:58 ok: [/cache/fedora-32.qcow2] => {"changed": false, "content": "Y29ubiBtYWluaG9zdC5sb2NhbC10by0xNjkuMjU0LjEuMQogIGxlZnQ9bWFpbmhvc3QubG9jYWwKICBsZWZ0aWQ9QG1haW5ob3N0LmxvY2FsCiAgcmlnaHQ9MTY5LjI1NC4xLjEKICByaWdodGlkPTE2OS4yNTQuMS4xCiAgaWtldjI9aW5zaXN0CiAgYXV0aGJ5PXNlY3JldAo=", "encoding": "base64", "source": "/etc/ipsec.d/mainhost.local-to-host03.local.conf"} TASK [check that unmanaged host conf file contains correct information] ******** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:63 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [assert success for unmanaged host conf file] ***************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:76 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } TASK [get and store unmanaged host secrets files] ****************************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:81 ok: [/cache/fedora-32.qcow2] => {"changed": false, "content": "QG1haW5ob3N0LmxvY2FsIDE2OS4yNTQuMS4xIDogUFNLICJFVWFBcjdhdjk3NG9lMEUxVEVMZ3ZxQ0E4ZlRlZmxjZEJqMXlzbDJrY1Z4cHRQdldOOFpLN3ZLRUdxYUwyaTltIgo=", "encoding": "base64", "source": "/etc/ipsec.d/mainhost.local-to-host03.local.secrets"} TASK [check that secrets file contains correct information] ******************** task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:86 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [assert success for unmanaged host secrets files] ************************* task path: /tmp/tmpgln9hoz4/tests/tests_host_to_unmanaged_host.yml:92 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } RUNNING HANDLER [linux-system-roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:2 included: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml for /cache/fedora-32.qcow2 RUNNING HANDLER [linux-system-roles.vpn : enable and restart vpn services] ***** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:2 changed: [/cache/fedora-32.qcow2] => (item=ipsec) => {"ansible_job_id": "842020281264.11445", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/842020281264.11445", "started": 1} RUNNING HANDLER [linux-system-roles.vpn : Wait for ssh connection to return] *** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:11 ok: [/cache/fedora-32.qcow2] => {"changed": false, "elapsed": 3, "match_groupdict": {}, "match_groups": [], "path": null, "port": 22, "search_regex": null, "state": "started"} RUNNING HANDLER [linux-system-roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:2 included: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml for /cache/fedora-32.qcow2 RUNNING HANDLER [linux-system-roles.vpn : enable and restart vpn services] ***** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:2 changed: [/cache/fedora-32.qcow2] => (item=ipsec) => {"ansible_job_id": "785488122601.11884", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/785488122601.11884", "started": 1} RUNNING HANDLER [linux-system-roles.vpn : Wait for ssh connection to return] *** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:11 ok: [/cache/fedora-32.qcow2] => {"changed": false, "elapsed": 3, "match_groupdict": {}, "match_groups": [], "path": null, "port": 22, "search_regex": null, "state": "started"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=36 changed=9 unreachable=0 failed=0 skipped=10 rescued=0 ignored=0 + cd /tmp/tmpgln9hoz4/tests; TEST_SUBJECTS=/cache/fedora-32.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_vpn-26-5af7836-fedora-32-jdd4e8pp/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpgln9hoz4/_setup.yml /tmp/tmpgln9hoz4/tests/tests_include_vars_from_parent.yml ansible-playbook 2.9.18 config file = /etc/ansible/ansible.cfg configured module search path = ['/home/tester/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.8/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 3.8.7 (default, Jan 20 2021, 00:00:00) [GCC 10.2.1 20201125 (Red Hat 10.2.1-9)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpgln9hoz4/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpgln9hoz4/_setup.yml:5 ok: [/cache/fedora-32.qcow2] => { "groups": { "all": [ "/cache/fedora-32.qcow2" ], "localhost": [ "/cache/fedora-32.qcow2" ], "subjects": [ "/cache/fedora-32.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpgln9hoz4/_setup.yml:7 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_include_vars_from_parent.yml *********************************** 1 plays in /tmp/tmpgln9hoz4/tests/tests_include_vars_from_parent.yml PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_include_vars_from_parent.yml:1 ok: [/cache/fedora-32.qcow2] META: ran handlers TASK [create var file in caller that can override the one in called role] ****** task path: /tmp/tmpgln9hoz4/tests/tests_include_vars_from_parent.yml:3 changed: [/cache/fedora-32.qcow2] => (item=Fedora-32) => {"ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpgln9hoz4/tests/roles/caller/vars/Fedora-32.yml", "gid": 0, "group": "root", "item": "Fedora-32", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1618263942.01994-111355-25146073118415/source", "state": "file", "uid": 0} changed: [/cache/fedora-32.qcow2] => (item=Fedora_32) => {"ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpgln9hoz4/tests/roles/caller/vars/Fedora_32.yml", "gid": 0, "group": "root", "item": "Fedora_32", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1618263942.609479-111355-127085292387473/source", "state": "file", "uid": 0} changed: [/cache/fedora-32.qcow2] => (item=Fedora) => {"ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpgln9hoz4/tests/roles/caller/vars/Fedora.yml", "gid": 0, "group": "root", "item": "Fedora", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1618263942.9373415-111355-165416441510656/source", "state": "file", "uid": 0} changed: [/cache/fedora-32.qcow2] => (item=RedHat) => {"ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpgln9hoz4/tests/roles/caller/vars/RedHat.yml", "gid": 0, "group": "root", "item": "RedHat", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1618263943.274221-111355-213244113284032/source", "state": "file", "uid": 0} TASK [include_role : {{ roletoinclude }}] ************************************** task path: /tmp/tmpgln9hoz4/tests/roles/caller/tasks/main.yml:4 TASK [linux-system-roles.vpn : set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/main.yml:3 included: /tmp/tmpgln9hoz4/tasks/set_vars.yml for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure required packages are installed] ********* task path: /tmp/tmpgln9hoz4/tasks/main.yml:6 changed: [/cache/fedora-32.qcow2] => {"changed": true, "msg": "", "rc": 0, "results": ["Installed: nss-3.62.0-1.fc32.x86_64", "Installed: ldns-1.7.0-29.fc32.x86_64", "Installed: nss-softokn-3.62.0-1.fc32.x86_64", "Installed: nss-softokn-freebl-3.62.0-1.fc32.x86_64", "Installed: nss-sysinit-3.62.0-1.fc32.x86_64", "Installed: nss-tools-3.62.0-1.fc32.x86_64", "Installed: libreswan-4.2-1.fc32.x86_64", "Installed: nss-util-3.62.0-1.fc32.x86_64", "Installed: nspr-4.29.0-1.fc32.x86_64"]} TASK [linux-system-roles.vpn : Enforce default auth method as needed] ********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:14 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": []}, "changed": false} TASK [linux-system-roles.vpn : Make sure that the hosts list is not empty] ***** task path: /tmp/tmpgln9hoz4/tasks/main.yml:24 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure cert_names are populated when auth_method is cert] *** task path: /tmp/tmpgln9hoz4/tasks/main.yml:38 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : generate psks] ********************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:64 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : set psks for hosts] ***************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:99 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : create ipsec.conf files] ************************ task path: /tmp/tmpgln9hoz4/tasks/main.yml:123 TASK [linux-system-roles.vpn : check if secrets file already exists] *********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:131 TASK [linux-system-roles.vpn : create ipsec.secrets files] ********************* task path: /tmp/tmpgln9hoz4/tasks/main.yml:137 TASK [linux-system-roles.vpn : build opportunistic configuration] ************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:147 TASK [caller : assert] ********************************************************* task path: /tmp/tmpgln9hoz4/tests/roles/caller/tasks/main.yml:7 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=10 changed=2 unreachable=0 failed=0 skipped=7 rescued=0 ignored=0 + cd /tmp/tmpgln9hoz4/tests; TEST_SUBJECTS=/cache/fedora-32.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_vpn-26-5af7836-fedora-32-jdd4e8pp/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpgln9hoz4/_setup.yml /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml ansible-playbook 2.9.18 config file = /etc/ansible/ansible.cfg configured module search path = ['/home/tester/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.8/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 3.8.7 (default, Jan 20 2021, 00:00:00) [GCC 10.2.1 20201125 (Red Hat 10.2.1-9)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpgln9hoz4/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpgln9hoz4/_setup.yml:5 ok: [/cache/fedora-32.qcow2] => { "groups": { "all": [ "/cache/fedora-32.qcow2" ], "localhost": [ "/cache/fedora-32.qcow2" ], "subjects": [ "/cache/fedora-32.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpgln9hoz4/_setup.yml:7 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_mesh_cert.yml ************************************************** 1 plays in /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:3 ok: [/cache/fedora-32.qcow2] META: ran handlers TASK [Set up test environment] ************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:17 included: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml for /cache/fedora-32.qcow2 TASK [Set platform/version specific variables] ********************************* task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [Change inventory_hostname] *********************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:10 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [add dummy main host] ***************************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:16 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create nss directory for testing] **************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:22 changed: [/cache/fedora-32.qcow2] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/var/lib/ipsec/nss", "secontext": "unconfined_u:object_r:var_lib_t:s0", "size": 4096, "state": "directory", "uid": 0} TASK [Create /etc/ipsec.d directory for testing] ******************************* task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:28 changed: [/cache/fedora-32.qcow2] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/etc/ipsec.d", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 4096, "state": "directory", "uid": 0} TASK [Dynamically add more hosts] ********************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:34 included: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml for /cache/fedora-32.qcow2 TASK [dynamically add multiple hosts for testing] ****************************** task path: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml:2 creating host via 'add_host': hostname=host01.local changed: [/cache/fedora-32.qcow2] => (item=1) => {"add_host": {"groups": ["testing"], "host_name": "host01.local", "host_vars": {"cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16"}}, "ansible_loop_var": "item", "changed": true, "item": 1} creating host via 'add_host': hostname=host02.local changed: [/cache/fedora-32.qcow2] => (item=2) => {"add_host": {"groups": ["testing"], "host_name": "host02.local", "host_vars": {"cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16"}}, "ansible_loop_var": "item", "changed": true, "item": 2} TASK [create mock vpn_connections] ********************************************* task path: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml:11 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"hosts": {"host01.local": "", "host02.local": "", "mainhost.local": ""}}]}, "changed": false} TASK [Create dummy policies directory for testing] ***************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:39 changed: [/cache/fedora-32.qcow2] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/etc/ipsec.d/policies", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 4096, "state": "directory", "uid": 0} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:45 changed: [/cache/fedora-32.qcow2] => {"changed": true, "dest": "/etc/ipsec.d/policies/private", "gid": 0, "group": "root", "mode": "0600", "owner": "root", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 0, "state": "file", "uid": 0} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:51 changed: [/cache/fedora-32.qcow2] => {"changed": true, "dest": "/etc/ipsec.d/policies/private-or-clear", "gid": 0, "group": "root", "mode": "0600", "owner": "root", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 0, "state": "file", "uid": 0} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:57 changed: [/cache/fedora-32.qcow2] => {"changed": true, "dest": "/etc/ipsec.d/policies/clear", "gid": 0, "group": "root", "mode": "0600", "owner": "root", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 0, "state": "file", "uid": 0} TASK [Add extra options to check] ********************************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:25 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"auth_method": "cert", "hosts": {"host01.local": "", "host02.local": "", "mainhost.local": ""}, "opportunistic": true, "policies": [{"cidr": "203.0.113.0/24", "policy": "private"}, {"cidr": "198.51.100.0/24", "policy": "clear"}]}]}, "changed": false} TASK [add cert_name fact to controller] **************************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:40 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"cert_name": "main_cert"}, "changed": false} TASK [Use vpn role] ************************************************************ task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:44 TASK [linux-system-roles.vpn : set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/main.yml:3 included: /tmp/tmpgln9hoz4/tasks/set_vars.yml for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure required packages are installed] ********* task path: /tmp/tmpgln9hoz4/tasks/main.yml:6 changed: [/cache/fedora-32.qcow2] => {"changed": true, "msg": "", "rc": 0, "results": ["Installed: nss-3.62.0-1.fc32.x86_64", "Installed: ldns-1.7.0-29.fc32.x86_64", "Installed: nss-softokn-3.62.0-1.fc32.x86_64", "Installed: nss-softokn-freebl-3.62.0-1.fc32.x86_64", "Installed: nss-sysinit-3.62.0-1.fc32.x86_64", "Installed: nss-tools-3.62.0-1.fc32.x86_64", "Installed: libreswan-4.2-1.fc32.x86_64", "Installed: nss-util-3.62.0-1.fc32.x86_64", "Installed: nspr-4.29.0-1.fc32.x86_64"]} TASK [linux-system-roles.vpn : Enforce default auth method as needed] ********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:14 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"auth_method": "cert", "hosts": {"host01.local": "", "host02.local": "", "mainhost.local": ""}, "opportunistic": true, "policies": [{"cidr": "203.0.113.0/24", "policy": "private"}, {"cidr": "198.51.100.0/24", "policy": "clear"}]}]}, "changed": false} TASK [linux-system-roles.vpn : Make sure that the hosts list is not empty] ***** task path: /tmp/tmpgln9hoz4/tasks/main.yml:24 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure cert_names are populated when auth_method is cert] *** task path: /tmp/tmpgln9hoz4/tasks/main.yml:38 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : generate psks] ********************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:64 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : set psks for hosts] ***************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:99 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : create ipsec.conf files] ************************ task path: /tmp/tmpgln9hoz4/tasks/main.yml:123 TASK [linux-system-roles.vpn : check if secrets file already exists] *********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:131 TASK [linux-system-roles.vpn : create ipsec.secrets files] ********************* task path: /tmp/tmpgln9hoz4/tasks/main.yml:137 TASK [linux-system-roles.vpn : build opportunistic configuration] ************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:147 included: /tmp/tmpgln9hoz4/tasks/mesh_conf.yml for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : Set current IP fact for each host] ************** task path: /tmp/tmpgln9hoz4/tasks/mesh_conf.yml:3 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"current_ip": "10.0.2.15"}, "changed": false} TASK [linux-system-roles.vpn : Set IP with prefix register] ******************** task path: /tmp/tmpgln9hoz4/tasks/mesh_conf.yml:7 ok: [/cache/fedora-32.qcow2] => {"changed": false, "cmd": "set -euo pipefail\nip addr show | grep 10.0.2.15 | awk '{print $2}'", "delta": "0:00:00.012008", "end": "2021-04-12 21:47:35.930648", "rc": 0, "start": "2021-04-12 21:47:35.918640", "stderr": "", "stderr_lines": [], "stdout": "10.0.2.15/24", "stdout_lines": ["10.0.2.15/24"]} TASK [linux-system-roles.vpn : Set net CIDR fact] ****************************** task path: /tmp/tmpgln9hoz4/tasks/mesh_conf.yml:15 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"current_subnet": "10.0.2.0/24"}, "changed": false} TASK [linux-system-roles.vpn : Set policies fact] ****************************** task path: /tmp/tmpgln9hoz4/tasks/mesh_conf.yml:19 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"policies": [{"cidr": "203.0.113.0/24", "policy": "private"}, {"cidr": "198.51.100.0/24", "policy": "clear"}]}, "changed": false} TASK [linux-system-roles.vpn : Apply the default policy as needed] ************* task path: /tmp/tmpgln9hoz4/tasks/mesh_conf.yml:23 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"policies": [{"cidr": "203.0.113.0/24", "policy": "private"}, {"cidr": "198.51.100.0/24", "policy": "clear"}, {"cidr": "10.0.2.0/24", "policy": "private-or-clear"}, {"cidr": "169.254.0.0/16", "policy": "private-or-clear"}]}, "changed": false} TASK [linux-system-roles.vpn : Write tunnel policies for each network] ********* task path: /tmp/tmpgln9hoz4/tasks/mesh_conf.yml:48 changed: [/cache/fedora-32.qcow2] => (item={'policy': 'private', 'cidr': '203.0.113.0/24'}) => {"ansible_loop_var": "item", "backup": "", "changed": true, "item": {"cidr": "203.0.113.0/24", "policy": "private"}, "msg": "line added and ownership, perms or SE linux context changed"} changed: [/cache/fedora-32.qcow2] => (item={'policy': 'clear', 'cidr': '198.51.100.0/24'}) => {"ansible_loop_var": "item", "backup": "", "changed": true, "item": {"cidr": "198.51.100.0/24", "policy": "clear"}, "msg": "line added and ownership, perms or SE linux context changed"} changed: [/cache/fedora-32.qcow2] => (item={'policy': 'private-or-clear', 'cidr': '10.0.2.0/24'}) => {"ansible_loop_var": "item", "backup": "", "changed": true, "item": {"cidr": "10.0.2.0/24", "policy": "private-or-clear"}, "msg": "line added and ownership, perms or SE linux context changed"} changed: [/cache/fedora-32.qcow2] => (item={'policy': 'private-or-clear', 'cidr': '169.254.0.0/16'}) => {"ansible_loop_var": "item", "backup": "", "changed": true, "item": {"cidr": "169.254.0.0/16", "policy": "private-or-clear"}, "msg": "line added"} NOTIFIED HANDLER linux-system-roles.vpn : restart vpn service and wait for ssh conn to return for /cache/fedora-32.qcow2 NOTIFIED HANDLER linux-system-roles.vpn : restart vpn service and wait for ssh conn to return for /cache/fedora-32.qcow2 NOTIFIED HANDLER linux-system-roles.vpn : send pings to initialize mesh connections for /cache/fedora-32.qcow2 NOTIFIED HANDLER linux-system-roles.vpn : send pings to initialize mesh connections for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : Deploy opportunistic configuration to each node] *** task path: /tmp/tmpgln9hoz4/tasks/mesh_conf.yml:58 changed: [/cache/fedora-32.qcow2] => {"changed": true, "checksum": "92fbbfe32f679cf3608e1064a440c58ce92d87c1", "dest": "/etc/ipsec.d/mesh.conf", "gid": 0, "group": "root", "md5sum": "045bced0272ef5dbaf7b56a120572773", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 817, "src": "/root/.ansible/tmp/ansible-tmp-1618264057.8044627-111902-57203673831443/source", "state": "file", "uid": 0} RUNNING HANDLER [linux-system-roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:2 included: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml for /cache/fedora-32.qcow2 RUNNING HANDLER [linux-system-roles.vpn : enable and restart vpn services] ***** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:2 changed: [/cache/fedora-32.qcow2] => (item=ipsec) => {"ansible_job_id": "86584801709.10947", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/86584801709.10947", "started": 1} RUNNING HANDLER [linux-system-roles.vpn : Wait for ssh connection to return] *** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:11 ok: [/cache/fedora-32.qcow2] => {"changed": false, "elapsed": 3, "match_groupdict": {}, "match_groups": [], "path": null, "port": 22, "search_regex": null, "state": "started"} RUNNING HANDLER [linux-system-roles.vpn : send pings to initialize mesh connections] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:6 skipping: [/cache/fedora-32.qcow2] => (item=/cache/fedora-32.qcow2) => {"ansible_loop_var": "item", "changed": false, "item": "/cache/fedora-32.qcow2", "skip_reason": "Conditional result was False"} RUNNING HANDLER [linux-system-roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:2 included: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml for /cache/fedora-32.qcow2 RUNNING HANDLER [linux-system-roles.vpn : enable and restart vpn services] ***** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:2 changed: [/cache/fedora-32.qcow2] => (item=ipsec) => {"ansible_job_id": "729506984315.11400", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/729506984315.11400", "started": 1} RUNNING HANDLER [linux-system-roles.vpn : Wait for ssh connection to return] *** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:11 ok: [/cache/fedora-32.qcow2] => {"changed": false, "elapsed": 3, "match_groupdict": {}, "match_groups": [], "path": null, "port": 22, "search_regex": null, "state": "started"} RUNNING HANDLER [linux-system-roles.vpn : send pings to initialize mesh connections] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:6 skipping: [/cache/fedora-32.qcow2] => (item=/cache/fedora-32.qcow2) => {"ansible_loop_var": "item", "changed": false, "item": "/cache/fedora-32.qcow2", "skip_reason": "Conditional result was False"} META: ran handlers TASK [Assert file existence] *************************************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:51 included: /tmp/tmpgln9hoz4/tests/tasks/assert_mesh_conf_exists.yml for /cache/fedora-32.qcow2 TASK [stat mesh.conf file path] ************************************************ task path: /tmp/tmpgln9hoz4/tests/tasks/assert_mesh_conf_exists.yml:2 ok: [/cache/fedora-32.qcow2] => {"changed": false, "stat": {"atime": 1618264059.9887207, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "92fbbfe32f679cf3608e1064a440c58ce92d87c1", "ctime": 1618264058.6067207, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5375, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618264058.2077205, "nlink": 1, "path": "/etc/ipsec.d/mesh.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 817, "uid": 0, "version": "96926847", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Assert that mesh.conf exists] ******************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/assert_mesh_conf_exists.yml:7 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } TASK [reset success flag] ****************************************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:54 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"__vpn_success": true}, "changed": false} TASK [get and store mesh.conf file] ******************************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:58 ok: [/cache/fedora-32.qcow2] => {"changed": false, "content": "Y29ubiBwcml2YXRlCiAgICAgIHR5cGU9dHVubmVsCiAgICAgIGxlZnQ9JWRlZmF1bHRyb3V0ZQogICAgICBsZWZ0aWQ9JWZyb21jZXJ0CiAgICAgIHJpZ2h0aWQ9JWZyb21jZXJ0CiAgICAgIHJpZ2h0cnNhc2lna2V5PSVjZXJ0CiAgICAgIHJpZ2h0Y2E9JXNhbWUKICAgICAgbGVmdGNlcnQ9bWFpbl9jZXJ0CiAgICAgIGF1dG89cm91dGUKICAgICAgcmlnaHQ9JW9wcG9ydHVuaXN0aWNncm91cAogICAgICBuZWdvdGlhdGlvbnNodW50PWhvbGQKICAgICAgZmFpbHVyZXNodW50PWRyb3AKICAgICAgaWtldjI9aW5zaXN0CiAgICAgIGtleWluZ3RyaWVzPTEKICAgICAgcmV0cmFuc21pdC10aW1lb3V0PTJzCgpjb25uIHByaXZhdGUtb3ItY2xlYXIKICAgICAgdHlwZT10dW5uZWwKICAgICAgbGVmdD0lZGVmYXVsdHJvdXRlCiAgICAgIGxlZnRpZD0lZnJvbWNlcnQKICAgICAgcmlnaHRpZD0lZnJvbWNlcnQKICAgICAgcmlnaHRyc2FzaWdrZXk9JWNlcnQKICAgICAgcmlnaHRjYT0lc2FtZQogICAgICBsZWZ0Y2VydD1tYWluX2NlcnQKICAgICAgYXV0bz1yb3V0ZQogICAgICByaWdodD0lb3Bwb3J0dW5pc3RpY2dyb3VwCiAgICAgIG5lZ290aWF0aW9uc2h1bnQ9aG9sZAogICAgICBmYWlsdXJlc2h1bnQ9cGFzc3Rocm91Z2gKICAgICAgaWtldjI9aW5zaXN0CiAgICAgIGtleWluZ3RyaWVzPTEKICAgICAgcmV0cmFuc21pdC10aW1lb3V0PTJzCgpjb25uIGNsZWFyCiAgICAgIHR5cGU9cGFzc3Rocm91Z2gKICAgICAgbGVmdD0lZGVmYXVsdHJvdXRlCiAgICAgIHJpZ2h0PSVncm91cAogICAgICBhdXRvPXJvdXRlCiAgICAgIGF1dGhieT1uZXZlcg==", "encoding": "base64", "source": "/etc/ipsec.d/mesh.conf"} TASK [extract content for conn private] **************************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:63 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"conn_private": "conn private\n type=tunnel\n left=%defaultroute\n leftid=%fromcert\n rightid=%fromcert\n rightrsasigkey=%cert\n rightca=%same\n leftcert=main_cert\n auto=route\n right=%opportunisticgroup\n negotiationshunt=hold\n failureshunt=drop\n ikev2=insist\n keyingtries=1\n retransmit-timeout=2s"}, "changed": false} TASK [extract content for conn private-or-clear] ******************************* task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:70 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"conn_private_or_clear": "conn private-or-clear\n type=tunnel\n left=%defaultroute\n leftid=%fromcert\n rightid=%fromcert\n rightrsasigkey=%cert\n rightca=%same\n leftcert=main_cert\n auto=route\n right=%opportunisticgroup\n negotiationshunt=hold\n failureshunt=passthrough\n ikev2=insist\n keyingtries=1\n retransmit-timeout=2s"}, "changed": false} TASK [extract content for conn clear] ****************************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:77 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"conn_clear": "conn clear\n type=passthrough\n left=%defaultroute\n right=%group\n auto=route\n authby=never"}, "changed": false} TASK [check that private section contains correct information] ***************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:84 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [assert success for private part of conf file] **************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:103 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } TASK [check that private-or-clear section contains correct information] ******** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:108 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [assert success for private or clear part of conf file] ******************* task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:127 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } TASK [check that clear section contains correct information] ******************* task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:132 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [assert success for clear part of conf file] ****************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:142 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } TASK [get and store policies private file] ************************************* task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:147 ok: [/cache/fedora-32.qcow2] => {"changed": false, "content": "MjAzLjAuMTEzLjAvMjQK", "encoding": "base64", "source": "/etc/ipsec.d/policies/private"} TASK [get and store policies private or clear file] **************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:152 ok: [/cache/fedora-32.qcow2] => {"changed": false, "content": "MTAuMC4yLjAvMjQKMTY5LjI1NC4wLjAvMTYK", "encoding": "base64", "source": "/etc/ipsec.d/policies/private-or-clear"} TASK [get and store policies clear file] *************************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:157 ok: [/cache/fedora-32.qcow2] => {"changed": false, "content": "MTk4LjUxLjEwMC4wLzI0Cg==", "encoding": "base64", "source": "/etc/ipsec.d/policies/clear"} TASK [check contents of policy private file] *********************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:162 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [assert success for policy private file] ********************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:169 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } TASK [check contents of policy private or clear file] ************************** task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:174 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [assert success for policy private or clear file] ************************* task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:183 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } TASK [check contents of policy clear file] ************************************* task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:188 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [assert success for policy clear file] ************************************ task path: /tmp/tmpgln9hoz4/tests/tests_mesh_cert.yml:195 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=52 changed=12 unreachable=0 failed=0 skipped=16 rescued=0 ignored=0 + cd /tmp/tmpgln9hoz4/tests; TEST_SUBJECTS=/cache/fedora-32.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_vpn-26-5af7836-fedora-32-jdd4e8pp/artifacts ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 /tmp/tmpgln9hoz4/_setup.yml /tmp/tmpgln9hoz4/tests/tests_subnet_to_subnet.yml ansible-playbook 2.9.18 config file = /etc/ansible/ansible.cfg configured module search path = ['/home/tester/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.8/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 3.8.7 (default, Jan 20 2021, 00:00:00) [GCC 10.2.1 20201125 (Red Hat 10.2.1-9)] Using /etc/ansible/ansible.cfg as config file Skipping callback 'actionable', as we already have a stdout callback. Skipping callback 'counter_enabled', as we already have a stdout callback. Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'dense', as we already have a stdout callback. Skipping callback 'full_skip', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'null', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. Skipping callback 'selective', as we already have a stdout callback. Skipping callback 'skippy', as we already have a stdout callback. Skipping callback 'stderr', as we already have a stdout callback. Skipping callback 'unixy', as we already have a stdout callback. Skipping callback 'yaml', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 1 plays in /tmp/tmpgln9hoz4/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpgln9hoz4/_setup.yml:5 ok: [/cache/fedora-32.qcow2] => { "groups": { "all": [ "/cache/fedora-32.qcow2" ], "localhost": [ "/cache/fedora-32.qcow2" ], "subjects": [ "/cache/fedora-32.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpgln9hoz4/_setup.yml:7 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 PLAYBOOK: tests_subnet_to_subnet.yml ******************************************* 1 plays in /tmp/tmpgln9hoz4/tests/tests_subnet_to_subnet.yml PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_subnet_to_subnet.yml:3 ok: [/cache/fedora-32.qcow2] META: ran handlers TASK [Set up test environment] ************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_subnet_to_subnet.yml:18 included: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml for /cache/fedora-32.qcow2 TASK [Set platform/version specific variables] ********************************* task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [Change inventory_hostname] *********************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:10 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"inventory_hostname": "mainhost.local"}, "changed": false} TASK [add dummy main host] ***************************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:16 creating host via 'add_host': hostname=mainhost.local changed: [/cache/fedora-32.qcow2] => {"add_host": {"groups": [], "host_name": "mainhost.local", "host_vars": {}}, "changed": true} TASK [Create nss directory for testing] **************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:22 changed: [/cache/fedora-32.qcow2] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/var/lib/ipsec/nss", "secontext": "unconfined_u:object_r:var_lib_t:s0", "size": 4096, "state": "directory", "uid": 0} TASK [Create /etc/ipsec.d directory for testing] ******************************* task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:28 changed: [/cache/fedora-32.qcow2] => {"changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/etc/ipsec.d", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 4096, "state": "directory", "uid": 0} TASK [Dynamically add more hosts] ********************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:34 included: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml for /cache/fedora-32.qcow2 TASK [dynamically add multiple hosts for testing] ****************************** task path: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml:2 creating host via 'add_host': hostname=host01.local changed: [/cache/fedora-32.qcow2] => (item=1) => {"add_host": {"groups": ["testing"], "host_name": "host01.local", "host_vars": {"cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16"}}, "ansible_loop_var": "item", "changed": true, "item": 1} TASK [create mock vpn_connections] ********************************************* task path: /tmp/tmpgln9hoz4/tests/tasks/add_hosts.yml:11 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"hosts": {"host01.local": "", "mainhost.local": ""}}]}, "changed": false} TASK [Create dummy policies directory for testing] ***************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:39 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:45 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:51 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Create dummy policy files for testing] *********************************** task path: /tmp/tmpgln9hoz4/tests/tasks/setup_test.yml:57 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [Add subnets] ************************************************************* task path: /tmp/tmpgln9hoz4/tests/tests_subnet_to_subnet.yml:24 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"hosts": {"host01.local": {"subnets": ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"]}, "mainhost.local": ""}}]}, "changed": false} TASK [Use vpn role] ************************************************************ task path: /tmp/tmpgln9hoz4/tests/tests_subnet_to_subnet.yml:33 TASK [linux-system-roles.vpn : set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/main.yml:3 included: /tmp/tmpgln9hoz4/tasks/set_vars.yml for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** task path: /tmp/tmpgln9hoz4/tasks/set_vars.yml:2 skipping: [/cache/fedora-32.qcow2] => (item=RedHat.yml) => {"ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False"} ok: [/cache/fedora-32.qcow2] => (item=Fedora.yml) => {"ansible_facts": {}, "ansible_included_var_files": ["/tmp/tmpgln9hoz4/vars/Fedora.yml"], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} skipping: [/cache/fedora-32.qcow2] => (item=Fedora_32.yml) => {"ansible_loop_var": "item", "changed": false, "item": "Fedora_32.yml", "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure required packages are installed] ********* task path: /tmp/tmpgln9hoz4/tasks/main.yml:6 changed: [/cache/fedora-32.qcow2] => {"changed": true, "msg": "", "rc": 0, "results": ["Installed: nss-3.62.0-1.fc32.x86_64", "Installed: ldns-1.7.0-29.fc32.x86_64", "Installed: nss-softokn-3.62.0-1.fc32.x86_64", "Installed: nss-softokn-freebl-3.62.0-1.fc32.x86_64", "Installed: nss-sysinit-3.62.0-1.fc32.x86_64", "Installed: nss-tools-3.62.0-1.fc32.x86_64", "Installed: libreswan-4.2-1.fc32.x86_64", "Installed: nss-util-3.62.0-1.fc32.x86_64", "Installed: nspr-4.29.0-1.fc32.x86_64"]} TASK [linux-system-roles.vpn : Enforce default auth method as needed] ********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:14 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"vpn_connections": [{"auth_method": "psk", "hosts": {"host01.local": {"subnets": ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"]}, "mainhost.local": ""}}]}, "changed": false} TASK [linux-system-roles.vpn : Make sure that the hosts list is not empty] ***** task path: /tmp/tmpgln9hoz4/tasks/main.yml:24 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : Ensure cert_names are populated when auth_method is cert] *** task path: /tmp/tmpgln9hoz4/tasks/main.yml:38 skipping: [/cache/fedora-32.qcow2] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [linux-system-roles.vpn : generate psks] ********************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:64 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : set psks for hosts] ***************************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:99 ok: [/cache/fedora-32.qcow2] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} TASK [linux-system-roles.vpn : create ipsec.conf files] ************************ task path: /tmp/tmpgln9hoz4/tasks/main.yml:123 changed: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": true, "checksum": "fdbe6c7868e418de629e7920e9971f907a7418a9", "dest": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "gid": 0, "group": "root", "item": "host01.local", "md5sum": "69cb4ce708bb421d35c754894e87eeb6", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 220, "src": "/root/.ansible/tmp/ansible-tmp-1618264141.5966833-112368-84939395774812/source", "state": "file", "uid": 0} NOTIFIED HANDLER linux-system-roles.vpn : restart vpn service and wait for ssh conn to return for /cache/fedora-32.qcow2 NOTIFIED HANDLER linux-system-roles.vpn : restart vpn service and wait for ssh conn to return for /cache/fedora-32.qcow2 TASK [linux-system-roles.vpn : check if secrets file already exists] *********** task path: /tmp/tmpgln9hoz4/tasks/main.yml:131 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": {"exists": false}} TASK [linux-system-roles.vpn : create ipsec.secrets files] ********************* task path: /tmp/tmpgln9hoz4/tasks/main.yml:137 changed: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': False}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => {"ansible_loop_var": "item", "changed": true, "checksum": "5460922520fce1bbb029fa5c0918ef6743a5a1f9", "dest": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "gid": 0, "group": "root", "item": {"ansible_loop_var": "item", "changed": false, "failed": false, "invocation": {"module_args": {"checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets"}}, "item": "host01.local", "stat": {"exists": false}}, "md5sum": "6f27cce2d3b03746f2ec50005303fe53", "mode": "0600", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 103, "src": "/root/.ansible/tmp/ansible-tmp-1618264142.9343035-112412-22828472280033/source", "state": "file", "uid": 0} TASK [linux-system-roles.vpn : build opportunistic configuration] ************** task path: /tmp/tmpgln9hoz4/tasks/main.yml:147 skipping: [/cache/fedora-32.qcow2] => (item={'hosts': {'mainhost.local': '', 'host01.local': {'subnets': ['192.0.2.0/24', '198.51.100.0/24', '203.0.113.0/24']}}, 'auth_method': 'psk'}) => {"ansible_loop_var": "conn", "changed": false, "conn": {"auth_method": "psk", "hosts": {"host01.local": {"subnets": ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"]}, "mainhost.local": ""}}, "skip_reason": "Conditional result was False"} TASK [Assert file existence] *************************************************** task path: /tmp/tmpgln9hoz4/tests/tests_subnet_to_subnet.yml:37 included: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml for /cache/fedora-32.qcow2 TASK [stat conf files paths] *************************************************** task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:2 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": {"atime": 1618264141.5211577, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "fdbe6c7868e418de629e7920e9971f907a7418a9", "ctime": 1618264141.5261576, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5217, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618264141.1711576, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 220, "uid": 0, "version": "3125510443", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [stat secrets files paths] ************************************************ task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:8 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": {"atime": 1618264142.5851576, "attr_flags": "e", "attributes": ["extents"], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "5460922520fce1bbb029fa5c0918ef6743a5a1f9", "ctime": 1618264142.5911577, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5218, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1618264142.3391576, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 103, "uid": 0, "version": "3152437045", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false}} TASK [Assert that ipsec.conf and secrets files exist] ************************** task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:14 ok: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 220, 'inode': 5217, 'dev': 64513, 'nlink': 1, 'atime': 1618264141.5211577, 'mtime': 1618264141.1711576, 'ctime': 1618264141.5261576, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': 'fdbe6c7868e418de629e7920e9971f907a7418a9', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '3125510443', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf" } }, "item": "host01.local", "stat": { "atime": 1618264141.5211577, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "fdbe6c7868e418de629e7920e9971f907a7418a9", "ctime": 1618264141.5261576, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5217, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1618264141.1711576, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 220, "uid": 0, "version": "3125510443", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } }, "msg": "All assertions passed" } TASK [Assert that ipsec.conf and secrets files exist] ************************** task path: /tmp/tmpgln9hoz4/tests/tasks/assert_conf_secrets_files_exist.yml:20 ok: [/cache/fedora-32.qcow2] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'mode': '0600', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 103, 'inode': 5218, 'dev': 64513, 'nlink': 1, 'atime': 1618264142.5851576, 'mtime': 1618264142.3391576, 'ctime': 1618264142.5911577, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': False, 'xgrp': False, 'woth': False, 'roth': False, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': '5460922520fce1bbb029fa5c0918ef6743a5a1f9', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '3152437045', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets" } }, "item": "host01.local", "stat": { "atime": 1618264142.5851576, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "5460922520fce1bbb029fa5c0918ef6743a5a1f9", "ctime": 1618264142.5911577, "dev": 64513, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 5218, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1618264142.3391576, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 103, "uid": 0, "version": "3152437045", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } }, "msg": "All assertions passed" } TASK [reset success flag] ****************************************************** task path: /tmp/tmpgln9hoz4/tests/tests_subnet_to_subnet.yml:40 ok: [/cache/fedora-32.qcow2] => {"ansible_facts": {"__vpn_success": true}, "changed": false} TASK [get and store conf files] ************************************************ task path: /tmp/tmpgln9hoz4/tests/tests_subnet_to_subnet.yml:44 ok: [/cache/fedora-32.qcow2] => (item=host01.local) => {"ansible_loop_var": "item", "changed": false, "content": "Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIHJpZ2h0aWQ9QGhvc3QwMS5sb2NhbAogIHJpZ2h0c3VibmV0cz17MTkyLjAuMi4wLzI0LDE5OC41MS4xMDAuMC8yNCwyMDMuMC4xMTMuMC8yNH0KICBpa2V2Mj1pbnNpc3QKICBhdXRoYnk9c2VjcmV0Cg==", "encoding": "base64", "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.conf"} TASK [check that conf file contains correct information] *********************** task path: /tmp/tmpgln9hoz4/tests/tests_subnet_to_subnet.yml:50 skipping: [/cache/fedora-32.qcow2] => (item={'content': 'Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIHJpZ2h0aWQ9QGhvc3QwMS5sb2NhbAogIHJpZ2h0c3VibmV0cz17MTkyLjAuMi4wLzI0LDE5OC41MS4xMDAuMC8yNCwyMDMuMC4xMTMuMC8yNH0KICBpa2V2Mj1pbnNpc3QKICBhdXRoYnk9c2VjcmV0Cg==', 'source': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host01.local.conf'}}, 'failed': False, 'changed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => {"ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 0, "item": {"ansible_loop_var": "item", "changed": false, "content": "Y29ubiBtYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIHJpZ2h0aWQ9QGhvc3QwMS5sb2NhbAogIHJpZ2h0c3VibmV0cz17MTkyLjAuMi4wLzI0LDE5OC41MS4xMDAuMC8yNCwyMDMuMC4xMTMuMC8yNH0KICBpa2V2Mj1pbnNpc3QKICBhdXRoYnk9c2VjcmV0Cg==", "encoding": "base64", "failed": false, "invocation": {"module_args": {"src": "/etc/ipsec.d/mainhost.local-to-host01.local.conf"}}, "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.conf"}, "skip_reason": "Conditional result was False"} TASK [assert success for conf files] ******************************************* task path: /tmp/tmpgln9hoz4/tests/tests_subnet_to_subnet.yml:60 ok: [/cache/fedora-32.qcow2] => { "changed": false, "msg": "All assertions passed" } RUNNING HANDLER [linux-system-roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:2 included: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml for /cache/fedora-32.qcow2 RUNNING HANDLER [linux-system-roles.vpn : enable and restart vpn services] ***** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:2 changed: [/cache/fedora-32.qcow2] => (item=ipsec) => {"ansible_job_id": "983826465615.10681", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/983826465615.10681", "started": 1} RUNNING HANDLER [linux-system-roles.vpn : Wait for ssh connection to return] *** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:11 ok: [/cache/fedora-32.qcow2] => {"changed": false, "elapsed": 3, "match_groupdict": {}, "match_groups": [], "path": null, "port": 22, "search_regex": null, "state": "started"} RUNNING HANDLER [linux-system-roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /tmp/tmpgln9hoz4/handlers/main.yml:2 included: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml for /cache/fedora-32.qcow2 RUNNING HANDLER [linux-system-roles.vpn : enable and restart vpn services] ***** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:2 changed: [/cache/fedora-32.qcow2] => (item=ipsec) => {"ansible_job_id": "723905511284.11120", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/723905511284.11120", "started": 1} RUNNING HANDLER [linux-system-roles.vpn : Wait for ssh connection to return] *** task path: /tmp/tmpgln9hoz4/tasks/enable_restart_vpn.yml:11 ok: [/cache/fedora-32.qcow2] => {"changed": false, "elapsed": 3, "match_groupdict": {}, "match_groups": [], "path": null, "port": 22, "search_regex": null, "state": "started"} META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/fedora-32.qcow2 : ok=35 changed=9 unreachable=0 failed=0 skipped=9 rescued=0 ignored=0