From 2f1cd74a795f794ba392df4f1e0d0861aec8f851 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20Fra=C3=9F?= <frass@greenscale.de>
Date: Thu, 14 Dec 2023 09:56:19 +0100
Subject: [PATCH] [add] role:tlscert_existing

---
 .../roles/tlscert_existing/defaults/main.json |  7 ++++
 .../roles/tlscert_existing/tasks/main.json    | 32 +++++++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100644 ansible/roles/tlscert_existing/defaults/main.json
 create mode 100644 ansible/roles/tlscert_existing/tasks/main.json

diff --git a/ansible/roles/tlscert_existing/defaults/main.json b/ansible/roles/tlscert_existing/defaults/main.json
new file mode 100644
index 0000000..0a042c4
--- /dev/null
+++ b/ansible/roles/tlscert_existing/defaults/main.json
@@ -0,0 +1,7 @@
+{
+	"var_tlscert_existing_key_path": "/tmp/key.pem",
+	"var_tlscert_existing_cert_path": "/tmp/cert.pem",
+	"var_tlscert_existing_domain_base": "example.org",
+	"var_tlscert_existing_domain_path": "foo",
+	"var_tlscert_existing_ssl_directory": "/etc/ssl"
+}
diff --git a/ansible/roles/tlscert_existing/tasks/main.json b/ansible/roles/tlscert_existing/tasks/main.json
new file mode 100644
index 0000000..9b3ad3e
--- /dev/null
+++ b/ansible/roles/tlscert_existing/tasks/main.json
@@ -0,0 +1,32 @@
+[
+	{
+		"name": "directories",
+		"become": true,
+		"ansible.builtin.file": {
+			"state": "directory",
+			"path": "{{item}}"
+		},
+		"loop": [
+			"{{var_tlscert_existing_ssl_directory}}/private",
+			"{{var_tlscert_existing_ssl_directory}}/csr",
+			"{{var_tlscert_existing_ssl_directory}}/certs",
+			"{{var_tlscert_existing_ssl_directory}}/fullchains"
+		]
+	},
+	{
+		"name": "key",
+		"become": true,
+		"ansible.builtin.copy": {
+			"src": "{{var_tlscert_existing_key_path}}",
+			"dest": "{{var_tlscert_existing_ssl_directory}}/private/{{var_tlscert_existing_domain_path}}.{{var_tlscert_existing_domain_base}}.pem"
+		}
+	},
+	{
+		"name": "cert",
+		"become": true,
+		"ansible.builtin.copy": {
+			"src": "{{var_tlscert_existing_cert_path}}",
+			"dest": "{{var_tlscert_existing_ssl_directory}}/certs/{{var_tlscert_existing_domain_path}}.{{var_tlscert_existing_domain_base}}.pem"
+		}
+	}
+]