[mod] tls roles: use loop for setting up directories

2023-12-14 10:01:08 +01:00 · 2023-12-14 10:01:08 +01:00 · 10a2e47a3f
commit 10a2e47a3f
parent 2f1cd74a79
4 changed files with 36 additions and 90 deletions
--- a/ansible/roles/tlscert_acme_inwx/tasks/main.json
+++ b/ansible/roles/tlscert_acme_inwx/tasks/main.json
@ -10,39 +10,21 @@
 		}
 	},
 	{
-		"name": "setup directories | keys",
+		"name": "directories | ssl",
 		"become": true,
 		"loop": [
 			"{{var_tlscert_acme_inwx_ssl_directory}}/private",
 			"{{var_tlscert_acme_inwx_ssl_directory}}/csr",
 			"{{var_tlscert_acme_inwx_ssl_directory}}/certs",
 			"{{var_tlscert_acme_inwx_ssl_directory}}/fullchains"
 		],
 		"ansible.builtin.file": {
 			"state": "directory",
-			"path": "{{var_tlscert_acme_inwx_ssl_directory}}/private"
+			"path": "{{item}}"
 		}
 	},
 	{
-		"name": "setup directories | certs",
+		"name": "directories | Let's Encrypt account key",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
 			"path": "{{var_tlscert_acme_inwx_ssl_directory}}/certs"
 		}
 	},
 	{
 		"name": "setup directories | csr",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
 			"path": "{{var_tlscert_acme_inwx_ssl_directory}}/csr"
 		}
 	},
 	{
 		"name": "setup directories | fullchains",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
 			"path": "{{var_tlscert_acme_inwx_ssl_directory}}/fullchains"
 		}
 	},
 	{
 		"name": "setup directories | Let's Encrypt account key",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
@ -50,14 +32,14 @@
 		}
 	},
 	{
-		"name": "csr | generate private key",
+		"name": "key",
 		"become": true,
 		"community.crypto.openssl_privatekey": {
 			"path": "{{var_tlscert_acme_inwx_ssl_directory}}/private/{{var_tlscert_acme_inwx_domain_path}}.{{var_tlscert_acme_inwx_domain_base}}.pem"
 		}
 	},
 	{
-		"name": "csr | execute",
+		"name": "csr",
 		"become": true,
 		"community.crypto.openssl_csr": {
 			"common_name": "{{var_tlscert_acme_inwx_domain_path}}.{{var_tlscert_acme_inwx_domain_base}}",
@ -66,7 +48,7 @@
 		}
 	},
 	{
-		"name": "acme | generate account key",
+		"name": "acme | account key",
 		"become": true,
 		"ansible.builtin.shell": {
 			"cmd": "test -f {{var_tlscert_acme_inwx_acme_account_key_path}} || openssl genrsa 4096 > {{var_tlscert_acme_inwx_acme_account_key_path}}"
--- a/ansible/roles/tlscert_acme_netcup/tasks/main.json
+++ b/ansible/roles/tlscert_acme_netcup/tasks/main.json
@ -20,39 +20,21 @@
 		}
 	},
 	{
-		"name": "setup directories | keys",
+		"name": "directories | ssl",
 		"become": true,
 		"loop": [
 			"{{var_tlscert_acme_netcup_ssl_directory}}/private",
 			"{{var_tlscert_acme_netcup_ssl_directory}}/csr",
 			"{{var_tlscert_acme_netcup_ssl_directory}}/certs",
 			"{{var_tlscert_acme_netcup_ssl_directory}}/fullchains"
 		],
 		"ansible.builtin.file": {
 			"state": "directory",
-			"path": "{{var_tlscert_acme_netcup_ssl_directory}}/private"
+			"path": "{{item}}"
 		}
 	},
 	{
-		"name": "setup directories | certs",
+		"name": "directories | Let's Encrypt account key",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
 			"path": "{{var_tlscert_acme_netcup_ssl_directory}}/certs"
 		}
 	},
 	{
 		"name": "setup directories | csr",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
 			"path": "{{var_tlscert_acme_netcup_ssl_directory}}/csr"
 		}
 	},
 	{
 		"name": "setup directories | fullchains",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
 			"path": "{{var_tlscert_acme_netcup_ssl_directory}}/fullchains"
 		}
 	},
 	{
 		"name": "setup directories | Let's Encrypt account key",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
@ -60,14 +42,14 @@
 		}
 	},
 	{
-		"name": "csr | generate private key",
+		"name": "key",
 		"become": true,
 		"community.crypto.openssl_privatekey": {
 			"path": "{{var_tlscert_acme_netcup_ssl_directory}}/private/{{var_tlscert_acme_netcup_domain_path}}.{{var_tlscert_acme_netcup_domain_base}}.pem"
 		}
 	},
 	{
-		"name": "csr | execute",
+		"name": "csr",
 		"become": true,
 		"community.crypto.openssl_csr": {
 			"common_name": "{{var_tlscert_acme_netcup_domain_path}}.{{var_tlscert_acme_netcup_domain_base}}",
--- a/ansible/roles/tlscert_existing/tasks/main.json
+++ b/ansible/roles/tlscert_existing/tasks/main.json
@ -2,16 +2,16 @@
 	{
 		"name": "directories",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
 			"path": "{{item}}"
 		},
 		"loop": [
 			"{{var_tlscert_existing_ssl_directory}}/private",
 			"{{var_tlscert_existing_ssl_directory}}/csr",
 			"{{var_tlscert_existing_ssl_directory}}/certs",
 			"{{var_tlscert_existing_ssl_directory}}/fullchains"
-		]
+		],
 		"ansible.builtin.file": {
 			"state": "directory",
 			"path": "{{item}}"
 		}
 	},
 	{
 		"name": "key",
--- a/ansible/roles/tlscert_selfsigned/tasks/main.json
+++ b/ansible/roles/tlscert_selfsigned/tasks/main.json
@ -10,35 +10,17 @@
 		}
 	},
 	{
-		"name": "setup directories | keys",
+		"name": "setup directories",
 		"become": true,
 		"loop": [
 			"{{var_tlscert_selfsigned_ssl_directory}}/private",
 			"{{var_tlscert_selfsigned_ssl_directory}}/csr",
 			"{{var_tlscert_selfsigned_ssl_directory}}/certs",
 			"{{var_tlscert_selfsigned_ssl_directory}}/fullchains"
 		],
 		"ansible.builtin.file": {
 			"state": "directory",
-			"path": "{{var_tlscert_selfsigned_ssl_directory}}/private"
+			"path": "{{item}}"
 		}
 	},
 	{
 		"name": "setup directories | certs",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
 			"path": "{{var_tlscert_selfsigned_ssl_directory}}/certs"
 		}
 	},
 	{
 		"name": "setup directories | csr",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
 			"path": "{{var_tlscert_selfsigned_ssl_directory}}/csr"
 		}
 	},
 	{
 		"name": "setup directories | fullchains",
 		"become": true,
 		"ansible.builtin.file": {
 			"state": "directory",
 			"path": "{{var_tlscert_selfsigned_ssl_directory}}/fullchains"
 		}
 	},
 	{