misc/ansible-base
0
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

[fix] role:tlscert_selfsigned

Browse source
This commit is contained in:
Christian Fraß 2023-11-22 15:20:34 +01:00
parent 937f782007
commit 2747a5fe81
1 changed files with 54 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
ansible/roles/tlscert_selfsigned/tasks/main.json
View file

@ -9,19 +9,72 @@
} }
}, },
{ {
"name": "generate key", "name": "setup directories | keys",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_selfsigned_ssl_directory}}/private"
}
},
{
"name": "setup directories | certs",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_selfsigned_ssl_directory}}/certs"
}
},
{
"name": "setup directories | csr",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_selfsigned_ssl_directory}}/csr"
}
},
{
"name": "setup directories | fullchains",
"become": true,
"ansible.builtin.file": {
"state": "directory",
"path": "{{var_tlscert_selfsigned_ssl_directory}}/fullchains"
}
},
{
"name": "csr | generate private key",
"become": true, "become": true,
"community.crypto.openssl_privatekey": { "community.crypto.openssl_privatekey": {
"path": "{{var_tlscert_selfsigned_ssl_directory}}/private/{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}.pem" "path": "{{var_tlscert_selfsigned_ssl_directory}}/private/{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}.pem"
} }
}, },
{
"name": "csr | execute",
"become": true,
"community.crypto.openssl_csr": {
"privatekey_path": "{{var_tlscert_selfsigned_ssl_directory}}/private/{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}.pem",
"common_name": "{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}",
"subject_alt_name": [
"DNS:{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}"
],
"path": "{{var_tlscert_selfsigned_ssl_directory}}/csr/{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}.pem"
},
"register": "temp_csr"
},
{ {
"name": "generate certificate", "name": "generate certificate",
"become": true, "become": true,
"community.crypto.x509_certificate": { "community.crypto.x509_certificate": {
"privatekey_path": "{{var_tlscert_selfsigned_ssl_directory}}/private/{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}.pem", "privatekey_path": "{{var_tlscert_selfsigned_ssl_directory}}/private/{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}.pem",
"csr_path": "{{var_tlscert_selfsigned_ssl_directory}}/csr/{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}.pem",
"provider": "selfsigned", "provider": "selfsigned",
"path": "{{var_tlscert_selfsigned_ssl_directory}}/certs/{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}.pem" "path": "{{var_tlscert_selfsigned_ssl_directory}}/certs/{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}.pem"
} }
},
{
"name": "compose fullchain",
"become": true,
"ansible.builtin.shell": {
"cmd": "cat {{var_tlscert_selfsigned_ssl_directory}}/certs/{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}.pem > {{var_tlscert_selfsigned_ssl_directory}}/fullchains/{{var_tlscert_selfsigned_domain_path}}.{{var_tlscert_selfsigned_domain_base}}.pem"
}
} }
] ]