misc/ansible-base
0
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

[mod] tls roles: use loop for setting up directories

Browse source
This commit is contained in:
Christian Fraß 2023-12-14 10:01:08 +01:00
parent 2f1cd74a79
commit 10a2e47a3f
4 changed files with 36 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
ansible/roles/tlscert_acme_inwx/tasks/main.json
View file

@ -10,39 +10,21 @@
}
},
{
"name": "setup directories | keys",
"name": "directories | ssl",
"become": true,
"loop": [
"{{var_tlscert_acme_inwx_ssl_directory}}/private",
"{{var_tlscert_acme_inwx_ssl_directory}}/csr",
"{{var_tlscert_acme_inwx_ssl_directory}}/certs",
"{{var_tlscert_acme_inwx_ssl_directory}}/fullchains"
],
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_acme_inwx_ssl_directory}}/private"
"path": "{{item}}"
}
},
{
"name": "setup directories | certs",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_acme_inwx_ssl_directory}}/certs"
}
},
{
"name": "setup directories | csr",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_acme_inwx_ssl_directory}}/csr"
}
},
{
"name": "setup directories | fullchains",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_acme_inwx_ssl_directory}}/fullchains"
}
},
{
"name": "setup directories | Let's Encrypt account key",
"name": "directories | Let's Encrypt account key",
"become": true,
"ansible.builtin.file": {
"state": "directory",
@ -50,14 +32,14 @@
}
},
{
"name": "csr | generate private key",
"name": "key",
"become": true,
"community.crypto.openssl_privatekey": {
"path": "{{var_tlscert_acme_inwx_ssl_directory}}/private/{{var_tlscert_acme_inwx_domain_path}}.{{var_tlscert_acme_inwx_domain_base}}.pem"
}
},
{
"name": "csr | execute",
"name": "csr",
"become": true,
"community.crypto.openssl_csr": {
"common_name": "{{var_tlscert_acme_inwx_domain_path}}.{{var_tlscert_acme_inwx_domain_base}}",
@ -66,7 +48,7 @@
}
},
{
"name": "acme | generate account key",
"name": "acme | account key",
"become": true,
"ansible.builtin.shell": {
"cmd": "test -f {{var_tlscert_acme_inwx_acme_account_key_path}} || openssl genrsa 4096 > {{var_tlscert_acme_inwx_acme_account_key_path}}"

40
ansible/roles/tlscert_acme_netcup/tasks/main.json
View file

@ -20,39 +20,21 @@
}
},
{
"name": "setup directories | keys",
"name": "directories | ssl",
"become": true,
"loop": [
"{{var_tlscert_acme_netcup_ssl_directory}}/private",
"{{var_tlscert_acme_netcup_ssl_directory}}/csr",
"{{var_tlscert_acme_netcup_ssl_directory}}/certs",
"{{var_tlscert_acme_netcup_ssl_directory}}/fullchains"
],
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_acme_netcup_ssl_directory}}/private"
"path": "{{item}}"
}
},
{
"name": "setup directories | certs",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_acme_netcup_ssl_directory}}/certs"
}
},
{
"name": "setup directories | csr",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_acme_netcup_ssl_directory}}/csr"
}
},
{
"name": "setup directories | fullchains",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_acme_netcup_ssl_directory}}/fullchains"
}
},
{
"name": "setup directories | Let's Encrypt account key",
"name": "directories | Let's Encrypt account key",
"become": true,
"ansible.builtin.file": {
"state": "directory",
@ -60,14 +42,14 @@
}
},
{
"name": "csr | generate private key",
"name": "key",
"become": true,
"community.crypto.openssl_privatekey": {
"path": "{{var_tlscert_acme_netcup_ssl_directory}}/private/{{var_tlscert_acme_netcup_domain_path}}.{{var_tlscert_acme_netcup_domain_base}}.pem"
}
},
{
"name": "csr | execute",
"name": "csr",
"become": true,
"community.crypto.openssl_csr": {
"common_name": "{{var_tlscert_acme_netcup_domain_path}}.{{var_tlscert_acme_netcup_domain_base}}",

10
ansible/roles/tlscert_existing/tasks/main.json
View file

@ -2,16 +2,16 @@
{
"name": "directories",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{item}}"
},
"loop": [
"{{var_tlscert_existing_ssl_directory}}/private",
"{{var_tlscert_existing_ssl_directory}}/csr",
"{{var_tlscert_existing_ssl_directory}}/certs",
"{{var_tlscert_existing_ssl_directory}}/fullchains"
]
],
"ansible.builtin.file": {
"state": "directory",
"path": "{{item}}"
}
},
{
"name": "key",

34
ansible/roles/tlscert_selfsigned/tasks/main.json
View file

@ -10,35 +10,17 @@
}
},
{
"name": "setup directories | keys",
"name": "setup directories",
"become": true,
"loop": [
"{{var_tlscert_selfsigned_ssl_directory}}/private",
"{{var_tlscert_selfsigned_ssl_directory}}/csr",
"{{var_tlscert_selfsigned_ssl_directory}}/certs",
"{{var_tlscert_selfsigned_ssl_directory}}/fullchains"
],
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_selfsigned_ssl_directory}}/private"
}
},
{
"name": "setup directories | certs",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_selfsigned_ssl_directory}}/certs"
}
},
{
"name": "setup directories | csr",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_selfsigned_ssl_directory}}/csr"
}
},
{
"name": "setup directories | fullchains",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_selfsigned_ssl_directory}}/fullchains"
"path": "{{item}}"
}
},
{