Initial working version

.gitignore

@@ -0,0 +1,30 @@
+# OS generated files #
+######################
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+Icon?
+ehthumbs.db
+Thumbs.db
+
+# IDE files #
+#################
+/.settings
+/.buildpath
+/.project
+/nbproject
+*.komodoproject
+*.kpf
+/.idea
+
+# Vagrant files #
+.virtualbox/
+.vagrant/
+vagrant_ansible_inventory_*
+ansible.cfg
+
+# Other files #
+###############
+!empty

.travis.yml

@@ -0,0 +1,77 @@
+---
+language: python
+python: "2.7"
+
+services:
+  - mysql
+
+env:
+  - ANSIBLE_VERSION=latest
+  - ANSIBLE_VERSION=1.9.2
+  - ANSIBLE_VERSION=1.9.1
+  - ANSIBLE_VERSION=1.9.0.1
+  - ANSIBLE_VERSION=1.8.4
+  - ANSIBLE_VERSION=1.8.3
+  - ANSIBLE_VERSION=1.8.2
+  - ANSIBLE_VERSION=1.8.1
+  - ANSIBLE_VERSION=1.8
+  - ANSIBLE_VERSION=1.7.2
+  - ANSIBLE_VERSION=1.7.1
+  - ANSIBLE_VERSION=1.7
+  - ANSIBLE_VERSION=1.6.9
+  - ANSIBLE_VERSION=1.6.8
+  - ANSIBLE_VERSION=1.6.7
+  - ANSIBLE_VERSION=1.6.6
+  - ANSIBLE_VERSION=1.6.5
+  - ANSIBLE_VERSION=1.6.4
+  - ANSIBLE_VERSION=1.6.3
+  - ANSIBLE_VERSION=1.6.2
+  - ANSIBLE_VERSION=1.6.10
+  - ANSIBLE_VERSION=1.6.1
+  - ANSIBLE_VERSION=1.6
+  - ANSIBLE_VERSION=1.5.5
+  - ANSIBLE_VERSION=1.5.4
+  - ANSIBLE_VERSION=1.5.3
+  - ANSIBLE_VERSION=1.5.2
+  - ANSIBLE_VERSION=1.5.1
+  - ANSIBLE_VERSION=1.5
+  - ANSIBLE_VERSION=1.4.5
+  - ANSIBLE_VERSION=1.4.4
+  - ANSIBLE_VERSION=1.4.3
+  - ANSIBLE_VERSION=1.4.2
+  - ANSIBLE_VERSION=1.4.1
+  - ANSIBLE_VERSION=1.4
+
+branches:
+  only:
+    - master
+
+before_install:
+  - sudo apt-get update -qq
+
+  # Remove autossh
+  - sudo apt-get remove --purge autossh
+
+  # Generate ssh key
+  - ssh-keygen -t rsa -b 2048 -C '' -P '' -f files/id_rsa -q
+
+install:
+  # Install Ansible.
+  - if [ "$ANSIBLE_VERSION" = "latest" ]; then pip install ansible; else pip install ansible==$ANSIBLE_VERSION; fi
+
+script:
+  # Check the role/playbook's syntax.
+  - ansible-playbook -i tests/inventory tests/test.yml --syntax-check
+
+  # Run the role/playbook with ansible-playbook.
+  - ansible-playbook -i tests/inventory tests/test.yml --connection=local --sudo -vvvv
+
+  # Run the role/playbook again, checking to make sure it's idempotent.
+  - >
+    ansible-playbook -i tests/inventory tests/test.yml --connection=local --sudo
+    | grep -q 'changed=0.*failed=0'
+    && (echo 'Idempotence test: pass' && exit 0)
+    || (echo 'Idempotence test: fail' && exit 1)
+
+notifications:
+  email: false

README.md

@@ -0,0 +1,76 @@
+## autossh-tunnel-client
+
+[![Build Status](https://travis-ci.org/Oefenweb/ansible-autossh-tunnel-client.svg?branch=master)](https://travis-ci.org/Oefenweb/ansible-autossh-tunnel-client) [![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-autossh--tunnel--client-blue.svg)](https://galaxy.ansible.com/list#/roles/4773)
+
+Set up a persistent tunnel (using `autossh`) in Ubuntu systems (client side).
+
+#### Requirements
+
+None
+
+#### Variables
+
+* `autossh_tunnel_client_autossh_debug`: [default: `1`]: If this variable is set, the logging level is set to `LOG_DEBUG`
+* `autossh_tunnel_client_autossh_first_poll`: [default: `30`]: Specifies the time to wait before the first connection test
+* `autossh_tunnel_client_autossh_gatetime`: [default: `0`]: Specifies how long ssh must be up before we consider it a successful connection. If it is set to `0`, then not only is the gatetime behaviour turned off, but autossh also ignores the first run failure of ssh
+* `autossh_tunnel_client_autossh_loglevel`: [default: `7`]: Specifies the log level, corresponding to the levels used by syslog
+* `autossh_tunnel_client_autossh_pidfile`: [default: `/var/run/autossh/autossh-tunnel-client.pid`]: Write pid to specified file
+* `autossh_tunnel_client_autossh_poll`: [default: `60`]: Specifies the connection poll time in seconds
+
+* `autossh_tunnel_client_key_map`: [default: `[]`]: SSH key declarations
+* `autossh_tunnel_client_key_map.{n}.src`: [required]: The local path of the file to copy, can be absolute or relative (e.g. `../../../files/autossh-tunnel-client/etc/autossh/id_rsa`)
+* `autossh_tunnel_client_key_map.{n}.dest`: [optional, default `src | basename`]: The remote path of the file to copy, relative to `/etc/autossh` (e.g. `id_rsa`)
+* `autossh_tunnel_client_key_map.{n}.owner`: [optional, default `root`]: The name of the user that should own the file
+* `autossh_tunnel_client_key_map.{n}.group`: [optional, default `owner`, `root`]: The name of the group that should own the file
+* `autossh_tunnel_client_key_map.{n}.mode`: [optional, default `0600`]: The mode of the file to copy
+
+* `autossh_tunnel_client_host`: [required] Remote host to connect to (e.g. `example.com`)
+* `autossh_tunnel_client_port`: [default: `22`]: Remote port to connect to
+* `autossh_tunnel_client_user`: [default: `autossh`]: Remote user for connection
+* `autossh_tunnel_client_identity`: [default: `id_rsa`]: Remote user for connection
+
+* `autossh_tunnel_client_ssh_options`: [default: `['ServerAliveInterval 60', 'ServerAliveCountMax 3', 'BatchMode=yes', 'StrictHostKeyChecking=no']`]: SSH options
+
+* `autossh_tunnel_client_forward`: [required]: Port forward to set up (e.g. `'3307:127.0.0.1:3306'`)
+
+## Dependencies
+
+None
+
+## Recommended
+
+* `ansible-autossh-tunnel-server` ([see](https://github.com/Oefenweb/ansible-autossh-tunnel-server))
+
+#### Example(s)
+
+##### MySQL tunnel
+
+```yaml
+---
+- hosts: all
+  roles:
+    - autossh-tunnel-client
+  vars:
+    autossh_tunnel_client_key_map:
+      - src: ../../../files/autossh-tunnel-client/etc/autossh/id_rsa
+    autossh_tunnel_client_host: 'example.com'
+    autossh_tunnel_client_forward: '3307:127.0.0.1:3306'
+```
+
+You will be able to connect to mysql using:
+
+```bash
+mysql -h 127.0.0.1 -P 3307 -u#### -p#### --skip-ssl;
+```
+
+#### License
+
+MIT
+
+#### Author Information
+
+Mischa ter Smitten (based on work of netkernelroc)
+
+#### Feedback, bug-reports, requests, ...
+
+Are [welcome](https://github.com/Oefenweb/ansible-autossh-tunnel-client/issues)!

Vagrantfile

@@ -0,0 +1,53 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby ts=2 sw=2 tw=0 et :
+
+role = File.basename(File.expand_path(File.dirname(__FILE__)))
+
+boxes = [
+  {
+    :name => "ubuntu-1004",
+    :box => "opscode-ubuntu-10.04",
+    :url => "http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-10.04_chef-provisionerless.box",
+    :ip => '10.0.0.10',
+    :cpu => "50",
+    :ram => "256"
+   },
+  {
+    :name => "ubuntu-1204",
+    :box => "opscode-ubuntu-12.04",
+    :url => "http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-12.04_chef-provisionerless.box",
+    :ip => '10.0.0.11',
+    :cpu => "50",
+    :ram => "256"
+  },
+  {
+    :name => "ubuntu-1404",
+    :box => "opscode-ubuntu-14.04",
+    :url => "http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-14.04_chef-provisionerless.box",
+    :ip => '10.0.0.12',
+    :cpu => "50",
+    :ram => "256"
+  },
+]
+
+Vagrant.configure("2") do |config|
+  boxes.each do |box|
+    config.vm.define box[:name] do |vms|
+      vms.vm.box = box[:box]
+      vms.vm.box_url = box[:url]
+      vms.vm.hostname = "ansible-#{role}-#{box[:name]}"
+
+      vms.vm.provider "virtualbox" do |v|
+        v.customize ["modifyvm", :id, "--cpuexecutioncap", box[:cpu]]
+        v.customize ["modifyvm", :id, "--memory", box[:ram]]
+      end
+
+      vms.vm.network :private_network, ip: box[:ip]
+
+      vms.vm.provision :ansible do |ansible|
+        ansible.playbook = "tests/vagrant.yml"
+        ansible.verbose = "vv"
+      end
+    end
+  end
+end

defaults/main.yml

@@ -0,0 +1,20 @@
+# defaults file for autossh-tunnel-client
+---
+autossh_tunnel_client_autossh_debug: 1
+autossh_tunnel_client_autossh_first_poll: 30
+autossh_tunnel_client_autossh_gatetime: 0
+autossh_tunnel_client_autossh_loglevel: 7
+autossh_tunnel_client_autossh_pidfile: /var/run/autossh/autossh-tunnel-client.pid
+autossh_tunnel_client_autossh_poll: 60
+
+autossh_tunnel_client_key_map: []
+
+autossh_tunnel_client_port: 22
+autossh_tunnel_client_user: autossh
+autossh_tunnel_client_identity: id_rsa
+
+autossh_tunnel_client_ssh_options:
+ - 'ServerAliveInterval 60'
+ - 'ServerAliveCountMax 3'
+ - 'BatchMode=yes'
+ - 'StrictHostKeyChecking=no'

handlers/main.yml

@@ -0,0 +1,6 @@
+# handlers file for autossh-tunnel-client
+---
+- name: restart autossh-tunnel-client
+  service:
+    name: autossh-tunnel-client
+    state: restarted

meta/main.yml

@@ -0,0 +1,18 @@
+# meta file for autossh-tunnel-client
+---
+galaxy_info:
+  author: Mischa ter Smitten
+  company: Oefenweb.nl B.V.
+  description: Set up a persistent tunnel (using autossh) in Ubuntu systems (client side)
+  license: MIT
+  min_ansible_version: 1.4
+  platforms:
+    - name: Ubuntu
+      versions:
+        - lucid
+        - precise
+        - trusty
+  categories:
+    - system
+    - networking
+dependencies: []

tasks/main.yml

@@ -0,0 +1,63 @@
+# tasks file for autossh-tunnel-client
+---
+- name: install package
+  apt:
+    name: autossh
+    state: latest
+    update_cache: true
+    cache_valid_time: 3600
+  tags: [configuration, autossh-tunnel-client, autossh-tunnel-client-install]
+
+- name: create required directories
+  file:
+    path: "{{ item.dest }}"
+    state: directory
+    owner: root
+    group: root
+    mode: "{{ item.mode }}"
+  with_items:
+    - dest: "{{ autossh_tunnel_client_configuration_directory }}"
+      mode: '0700'
+    - dest: "{{ autossh_tunnel_client_autossh_pidfile | dirname }}"
+      mode: '0755'
+  tags:
+    - configuration
+    - autossh-tunnel-client
+    - autossh-tunnel-client-configuration
+    - autossh-tunnel-client-configuration-directories
+
+- name: copy key file(s)
+  copy:
+    src: "{{ item.src }}"
+    dest: "{{ autossh_tunnel_client_configuration_directory }}/{{ item.dest | default(item.src | basename) }}"
+    owner: "{{ item.owner | default('root') }}"
+    group: "{{ item.group | default(item.owner) | default('root') }}"
+    mode: "{{ item.mode | default('0600') }}"
+  with_items: autossh_tunnel_client_key_map
+  notify: restart autossh-tunnel-client
+  tags:
+    - configuration
+    - autossh-tunnel-client
+    - autossh-tunnel-client-configuration
+    - autossh-tunnel-client-configuration-keys
+
+- name: create init script
+  template:
+    src: etc/init/autossh-tunnel-client.conf.j2
+    dest: /etc/init/autossh-tunnel-client.conf
+    owner: root
+    group: root
+    mode: 0644
+  notify: restart autossh-tunnel-client
+  tags:
+    - configuration
+    - autossh-tunnel-client
+    - autossh-tunnel-client-configuration
+    - autossh-tunnel-client-configuration-init
+
+- name: start and enable service
+  service:
+    name: autossh-tunnel-client
+    state: started
+    enabled: yes
+  tags: [configuration, autossh-tunnel-client, autossh-tunnel-client-start-enable-service]

templates/etc/init/autossh-tunnel-client.conf.j2

@@ -0,0 +1,34 @@
+# {{ ansible_managed }}
+
+# autossh-tunnel-client
+
+description "Set up a persistent tunnel (using autossh)"
+author      "Mischa ter Smitten"
+
+start on net-device-up IFACE=eth0
+stop on runlevel [01S6]
+
+respawn
+respawn limit 5 60 # Respawn max 5 times in 60 seconds
+umask 022
+
+pre-start script
+  test -x /usr/bin/autossh || { stop; exit 0; }
+end script
+
+script
+  export AUTOSSH_DEBUG={{ autossh_tunnel_client_autossh_debug }}
+  export AUTOSSH_FIRST_POLL={{ autossh_tunnel_client_autossh_first_poll }}
+  export AUTOSSH_GATETIME={{ autossh_tunnel_client_autossh_gatetime }}
+  export AUTOSSH_LOGLEVEL={{ autossh_tunnel_client_autossh_loglevel }}
+  export AUTOSSH_PIDFILE={{ autossh_tunnel_client_autossh_pidfile }}
+  export AUTOSSH_POLL={{ autossh_tunnel_client_autossh_poll }}
+
+  autossh -M 0 -4 -N -L {{ autossh_tunnel_client_forward }} {{ autossh_tunnel_client_user }}@{{ autossh_tunnel_client_host }} \
+    -p {{ autossh_tunnel_client_port }} \
+    -i {{ autossh_tunnel_client_configuration_directory }}/{{ autossh_tunnel_client_identity }} \
+{% for ssh_options in autossh_tunnel_client_ssh_options %}
+    -o "{{ ssh_options }}" \
+{% endfor %}
+  ;
+end script

tests/inventory

@@ -0,0 +1 @@
+localhost