Ansible/selfsignedcert
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

FQCN, ansible-lint, renamed playbook

Browse source
This commit is contained in:
Sven Velt 2025-04-04 17:40:48 +02:00
parent ac102f44af
commit 52ae5ce3bb
4 changed files with 14 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
defaults/main.yml
View file

@ -4,4 +4,3 @@ selfsignedcert_suffix_csr: csr.pem
selfsignedcert_suffix_crt: crt.pem selfsignedcert_suffix_crt: crt.pem
selfsignedcert_suffix_combined: pem selfsignedcert_suffix_combined: pem

3
meta/main.yml
View file

@ -7,9 +7,8 @@ galaxy_info:
license: GPL-2.0-or-later license: GPL-2.0-or-later
min_ansible_version: 2.9 min_ansible_version: '2.10'
galaxy_tags: galaxy_tags:
- certificate - certificate
- ssl - ssl

1
example_playbook.yml → selfsignedcert.yml
View file

@ -4,4 +4,3 @@
roles: roles:
- role: selfsignedcert - role: selfsignedcert
selfsignedcert_basename: ./example-cert selfsignedcert_basename: ./example-cert

28
tasks/main.yml
View file

@ -1,28 +1,28 @@
--- ---
- name: Sanity checks - name: Sanity checks
assert: ansible.builtin.assert:
that: that:
- selfsignedcert_basename|default("") != "" - selfsignedcert_basename | default("") != ""
- name: Generate private key - name: Generate private key
openssl_privatekey: community.crypto.openssl_privatekey:
path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}' path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}'
size: '{{ selfsignedcert_keysize|default(2048) }}' size: '{{ selfsignedcert_keysize | default(2048) }}'
mode: 0600 mode: '0600'
register: selfsignedcert_result_key register: selfsignedcert_result_key
- name: Generate CSR - name: Generate CSR
openssl_csr: community.crypto.openssl_csr:
path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}' path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}'
privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}' privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}'
common_name: '{{ selfsigned_cn|default(ansible_hostname) }}' common_name: '{{ selfsigned_cn | default(ansible_hostname) }}'
subject_alt_name: '{{ selfsigned_san|default([]) }}' subject_alt_name: '{{ selfsigned_san | default([]) }}'
- name: Generate certificate - name: Generate certificate
openssl_certificate: community.crypto.x509_certificate:
path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_crt }}' path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_crt }}'
privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}' privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}'
csr_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}' csr_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}'
@ -31,11 +31,9 @@
- name: Combine key and certificate - name: Combine key and certificate
template: ansible.builtin.template:
src: combined.j2 src: combined.j2
dest: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_combined }}' dest: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_combined }}'
mode: 0600 mode: '0600'
backup: yes backup: true
when: selfsignedcert_suffix_combined != False when: not selfsignedcert_suffix_combined