From 61b39794e8c61451891ccd4bd3cc06f88f1c74fe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20Fra=C3=9F?=
 <christian.frass@dielinke-glauchau.de>
Date: Tue, 25 Jun 2024 11:32:36 +0200
Subject: [PATCH] [mod] role:tlscert_existing:remove var for ssl-path and unify
 domain vars

---
 roles/tlscert_existing/defaults/main.json |  6 ++----
 roles/tlscert_existing/tasks/main.json    | 16 ++++++++--------
 2 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/roles/tlscert_existing/defaults/main.json b/roles/tlscert_existing/defaults/main.json
index 66473bb..b47e0a2 100644
--- a/roles/tlscert_existing/defaults/main.json
+++ b/roles/tlscert_existing/defaults/main.json
@@ -1,8 +1,6 @@
 {
+	"var_tlscert_existing_domain": "foo.example.org",
 	"var_tlscert_existing_key_path": "/tmp/key.pem",
 	"var_tlscert_existing_cert_path": "/tmp/cert.pem",
-	"var_tlscert_existing_fullchain_path": "/tmp/fullchain.pem",
-	"var_tlscert_existing_domain_base": "example.org",
-	"var_tlscert_existing_domain_path": "foo",
-	"var_tlscert_existing_ssl_directory": "/etc/ssl"
+	"var_tlscert_existing_fullchain_path": "/tmp/fullchain.pem"
 }
diff --git a/roles/tlscert_existing/tasks/main.json b/roles/tlscert_existing/tasks/main.json
index 28ebd49..bc4354a 100644
--- a/roles/tlscert_existing/tasks/main.json
+++ b/roles/tlscert_existing/tasks/main.json
@@ -3,10 +3,10 @@
 		"name": "directories",
 		"become": true,
 		"loop": [
-			"{{var_tlscert_existing_ssl_directory}}/private",
-			"{{var_tlscert_existing_ssl_directory}}/csr",
-			"{{var_tlscert_existing_ssl_directory}}/certs",
-			"{{var_tlscert_existing_ssl_directory}}/fullchains"
+			"/etc/ssl/private",
+			"/etc/ssl/csr",
+			"/etc/ssl/certs",
+			"/etc/ssl/fullchains"
 		],
 		"ansible.builtin.file": {
 			"state": "directory",
@@ -18,7 +18,7 @@
 		"become": true,
 		"ansible.builtin.copy": {
 			"src": "{{var_tlscert_existing_key_path}}",
-			"dest": "{{var_tlscert_existing_ssl_directory}}/private/{{var_tlscert_existing_domain_path}}.{{var_tlscert_existing_domain_base}}.pem"
+			"dest": "/etc/ssl/private/{{var_tlscert_existing_domain}}.pem"
 		}
 	},
 	{
@@ -26,7 +26,7 @@
 		"become": true,
 		"ansible.builtin.copy": {
 			"src": "{{var_tlscert_existing_cert_path}}",
-			"dest": "{{var_tlscert_existing_ssl_directory}}/certs/{{var_tlscert_existing_domain_path}}.{{var_tlscert_existing_domain_base}}.pem"
+			"dest": "/etc/ssl/certs/{{var_tlscert_existing_domain}}.pem"
 		}
 	},
 	{
@@ -35,7 +35,7 @@
 		"become": true,
 		"ansible.builtin.copy": {
 			"src": "{{var_tlscert_existing_fullchain_path}}",
-			"dest": "{{var_tlscert_existing_ssl_directory}}/fullchains/{{var_tlscert_existing_domain_path}}.{{var_tlscert_existing_domain_base}}.pem"
+			"dest": "/etc/ssl/fullchains/{{var_tlscert_existing_domain}}.pem"
 		}
 	},
 	{
@@ -43,7 +43,7 @@
 		"when": "var_tlscert_existing_fullchain_path == None",
 		"become": true,
 		"ansible.builtin.shell": {
-			"cmd": "cat {{var_tlscert_existing_ssl_directory}}/certs/{{var_tlscert_existing_domain_path}}.{{var_tlscert_existing_domain_base}}.pem > {{var_tlscert_existing_ssl_directory}}/fullchains/{{var_tlscert_existing_domain_path}}.{{var_tlscert_existing_domain_base}}.pem"
+			"cmd": "cat /etc/ssl/certs/{{var_tlscert_existing_domain}}.pem > /etc/ssl/fullchains/{{var_tlscert_existing_domain}}.pem"
 		}
 	}
 ]