From 52ae5ce3bb1f9918651c09d68da8a14c0e75eba9 Mon Sep 17 00:00:00 2001 From: Sven Velt Date: Fri, 4 Apr 2025 17:40:48 +0200 Subject: [PATCH] FQCN, ansible-lint, renamed playbook --- defaults/main.yml | 1 - meta/main.yml | 3 +-- example_playbook.yml => selfsignedcert.yml | 1 - tasks/main.yml | 28 ++++++++++------------ 4 files changed, 14 insertions(+), 19 deletions(-) rename example_playbook.yml => selfsignedcert.yml (99%) diff --git a/defaults/main.yml b/defaults/main.yml index 4787c6b..5cec961 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -4,4 +4,3 @@ selfsignedcert_suffix_csr: csr.pem selfsignedcert_suffix_crt: crt.pem selfsignedcert_suffix_combined: pem - diff --git a/meta/main.yml b/meta/main.yml index 25c9045..ed2c313 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -7,9 +7,8 @@ galaxy_info: license: GPL-2.0-or-later - min_ansible_version: 2.9 + min_ansible_version: '2.10' galaxy_tags: - certificate - ssl - diff --git a/example_playbook.yml b/selfsignedcert.yml similarity index 99% rename from example_playbook.yml rename to selfsignedcert.yml index 89166a1..5bb15b0 100644 --- a/example_playbook.yml +++ b/selfsignedcert.yml @@ -4,4 +4,3 @@ roles: - role: selfsignedcert selfsignedcert_basename: ./example-cert - diff --git a/tasks/main.yml b/tasks/main.yml index 5422291..29dda07 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,28 +1,28 @@ --- - name: Sanity checks - assert: + ansible.builtin.assert: that: - - selfsignedcert_basename|default("") != "" + - selfsignedcert_basename | default("") != "" - name: Generate private key - openssl_privatekey: + community.crypto.openssl_privatekey: path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}' - size: '{{ selfsignedcert_keysize|default(2048) }}' - mode: 0600 + size: '{{ selfsignedcert_keysize | default(2048) }}' + mode: '0600' register: selfsignedcert_result_key - name: Generate CSR - openssl_csr: + community.crypto.openssl_csr: path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}' privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}' - common_name: '{{ selfsigned_cn|default(ansible_hostname) }}' - subject_alt_name: '{{ selfsigned_san|default([]) }}' + common_name: '{{ selfsigned_cn | default(ansible_hostname) }}' + subject_alt_name: '{{ selfsigned_san | default([]) }}' - name: Generate certificate - openssl_certificate: + community.crypto.x509_certificate: path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_crt }}' privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}' csr_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}' @@ -31,11 +31,9 @@ - name: Combine key and certificate - template: + ansible.builtin.template: src: combined.j2 dest: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_combined }}' - mode: 0600 - backup: yes - when: selfsignedcert_suffix_combined != False - - + mode: '0600' + backup: true + when: not selfsignedcert_suffix_combined