From 10a2e47a3f9f6fbf4f000ddd868d176d9cefc4b5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20Fra=C3=9F?= <frass@greenscale.de>
Date: Thu, 14 Dec 2023 10:01:08 +0100
Subject: [PATCH] [mod] tls roles: use loop for setting up directories

---
 .../roles/tlscert_acme_inwx/tasks/main.json   | 42 ++++++-------------
 .../roles/tlscert_acme_netcup/tasks/main.json | 40 +++++-------------
 .../roles/tlscert_existing/tasks/main.json    | 10 ++---
 .../roles/tlscert_selfsigned/tasks/main.json  | 34 ++++-----------
 4 files changed, 36 insertions(+), 90 deletions(-)

diff --git a/ansible/roles/tlscert_acme_inwx/tasks/main.json b/ansible/roles/tlscert_acme_inwx/tasks/main.json
index 2dba8d0..d7016ba 100644
--- a/ansible/roles/tlscert_acme_inwx/tasks/main.json
+++ b/ansible/roles/tlscert_acme_inwx/tasks/main.json
@@ -10,39 +10,21 @@
 		}
 	},
 	{
-		"name": "setup directories | keys",
+		"name": "directories | ssl",
 		"become": true,
+		"loop": [
+			"{{var_tlscert_acme_inwx_ssl_directory}}/private",
+			"{{var_tlscert_acme_inwx_ssl_directory}}/csr",
+			"{{var_tlscert_acme_inwx_ssl_directory}}/certs",
+			"{{var_tlscert_acme_inwx_ssl_directory}}/fullchains"
+		],
 		"ansible.builtin.file": {
 			"state": "directory",
-			"path": "{{var_tlscert_acme_inwx_ssl_directory}}/private"
+			"path": "{{item}}"
 		}
 	},
 	{
-		"name": "setup directories | certs",
-		"become": true,
-		"ansible.builtin.file": {
-			"state": "directory",
-			"path": "{{var_tlscert_acme_inwx_ssl_directory}}/certs"
-		}
-	},
-	{
-		"name": "setup directories | csr",
-		"become": true,
-		"ansible.builtin.file": {
-			"state": "directory",
-			"path": "{{var_tlscert_acme_inwx_ssl_directory}}/csr"
-		}
-	},
-	{
-		"name": "setup directories | fullchains",
-		"become": true,
-		"ansible.builtin.file": {
-			"state": "directory",
-			"path": "{{var_tlscert_acme_inwx_ssl_directory}}/fullchains"
-		}
-	},
-	{
-		"name": "setup directories | Let's Encrypt account key",
+		"name": "directories | Let's Encrypt account key",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
@@ -50,14 +32,14 @@
 		}
 	},
 	{
-		"name": "csr | generate private key",
+		"name": "key",
 		"become": true,
 		"community.crypto.openssl_privatekey": {
 			"path": "{{var_tlscert_acme_inwx_ssl_directory}}/private/{{var_tlscert_acme_inwx_domain_path}}.{{var_tlscert_acme_inwx_domain_base}}.pem"
 		}
 	},
 	{
-		"name": "csr | execute",
+		"name": "csr",
 		"become": true,
 		"community.crypto.openssl_csr": {
 			"common_name": "{{var_tlscert_acme_inwx_domain_path}}.{{var_tlscert_acme_inwx_domain_base}}",
@@ -66,7 +48,7 @@
 		}
 	},
 	{
-		"name": "acme | generate account key",
+		"name": "acme | account key",
 		"become": true,
 		"ansible.builtin.shell": {
 			"cmd": "test -f {{var_tlscert_acme_inwx_acme_account_key_path}} || openssl genrsa 4096 > {{var_tlscert_acme_inwx_acme_account_key_path}}"
diff --git a/ansible/roles/tlscert_acme_netcup/tasks/main.json b/ansible/roles/tlscert_acme_netcup/tasks/main.json
index 66db8c4..37ad51c 100644
--- a/ansible/roles/tlscert_acme_netcup/tasks/main.json
+++ b/ansible/roles/tlscert_acme_netcup/tasks/main.json
@@ -20,39 +20,21 @@
 		}
 	},
 	{
-		"name": "setup directories | keys",
+		"name": "directories | ssl",
 		"become": true,
+		"loop": [
+			"{{var_tlscert_acme_netcup_ssl_directory}}/private",
+			"{{var_tlscert_acme_netcup_ssl_directory}}/csr",
+			"{{var_tlscert_acme_netcup_ssl_directory}}/certs",
+			"{{var_tlscert_acme_netcup_ssl_directory}}/fullchains"
+		],
 		"ansible.builtin.file": {
 			"state": "directory",
-			"path": "{{var_tlscert_acme_netcup_ssl_directory}}/private"
+			"path": "{{item}}"
 		}
 	},
 	{
-		"name": "setup directories | certs",
-		"become": true,
-		"ansible.builtin.file": {
-			"state": "directory",
-			"path": "{{var_tlscert_acme_netcup_ssl_directory}}/certs"
-		}
-	},
-	{
-		"name": "setup directories | csr",
-		"become": true,
-		"ansible.builtin.file": {
-			"state": "directory",
-			"path": "{{var_tlscert_acme_netcup_ssl_directory}}/csr"
-		}
-	},
-	{
-		"name": "setup directories | fullchains",
-		"become": true,
-		"ansible.builtin.file": {
-			"state": "directory",
-			"path": "{{var_tlscert_acme_netcup_ssl_directory}}/fullchains"
-		}
-	},
-	{
-		"name": "setup directories | Let's Encrypt account key",
+		"name": "directories | Let's Encrypt account key",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
@@ -60,14 +42,14 @@
 		}
 	},
 	{
-		"name": "csr | generate private key",
+		"name": "key",
 		"become": true,
 		"community.crypto.openssl_privatekey": {
 			"path": "{{var_tlscert_acme_netcup_ssl_directory}}/private/{{var_tlscert_acme_netcup_domain_path}}.{{var_tlscert_acme_netcup_domain_base}}.pem"
 		}
 	},
 	{
-		"name": "csr | execute",
+		"name": "csr",
 		"become": true,
 		"community.crypto.openssl_csr": {
 			"common_name": "{{var_tlscert_acme_netcup_domain_path}}.{{var_tlscert_acme_netcup_domain_base}}",
diff --git a/ansible/roles/tlscert_existing/tasks/main.json b/ansible/roles/tlscert_existing/tasks/main.json
index 9b3ad3e..63e9895 100644
--- a/ansible/roles/tlscert_existing/tasks/main.json
+++ b/ansible/roles/tlscert_existing/tasks/main.json
@@ -2,16 +2,16 @@
 	{
 		"name": "directories",
 		"become": true,
-		"ansible.builtin.file": {
-			"state": "directory",
-			"path": "{{item}}"
-		},
 		"loop": [
 			"{{var_tlscert_existing_ssl_directory}}/private",
 			"{{var_tlscert_existing_ssl_directory}}/csr",
 			"{{var_tlscert_existing_ssl_directory}}/certs",
 			"{{var_tlscert_existing_ssl_directory}}/fullchains"
-		]
+		],
+		"ansible.builtin.file": {
+			"state": "directory",
+			"path": "{{item}}"
+		}
 	},
 	{
 		"name": "key",
diff --git a/ansible/roles/tlscert_selfsigned/tasks/main.json b/ansible/roles/tlscert_selfsigned/tasks/main.json
index dacb9f0..96d3863 100644
--- a/ansible/roles/tlscert_selfsigned/tasks/main.json
+++ b/ansible/roles/tlscert_selfsigned/tasks/main.json
@@ -10,35 +10,17 @@
 		}
 	},
 	{
-		"name": "setup directories | keys",
+		"name": "setup directories",
 		"become": true,
+		"loop": [
+			"{{var_tlscert_selfsigned_ssl_directory}}/private",
+			"{{var_tlscert_selfsigned_ssl_directory}}/csr",
+			"{{var_tlscert_selfsigned_ssl_directory}}/certs",
+			"{{var_tlscert_selfsigned_ssl_directory}}/fullchains"
+		],
 		"ansible.builtin.file": {
 			"state": "directory",
-			"path": "{{var_tlscert_selfsigned_ssl_directory}}/private"
-		}
-	},
-	{
-		"name": "setup directories | certs",
-		"become": true,
-		"ansible.builtin.file": {
-			"state": "directory",
-			"path": "{{var_tlscert_selfsigned_ssl_directory}}/certs"
-		}
-	},
-	{
-		"name": "setup directories | csr",
-		"become": true,
-		"ansible.builtin.file": {
-			"state": "directory",
-			"path": "{{var_tlscert_selfsigned_ssl_directory}}/csr"
-		}
-	},
-	{
-		"name": "setup directories | fullchains",
-		"become": true,
-		"ansible.builtin.file": {
-			"state": "directory",
-			"path": "{{var_tlscert_selfsigned_ssl_directory}}/fullchains"
+			"path": "{{item}}"
 		}
 	},
 	{