Ansible/selfsignedcert
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: Ansible:main
Branches Tags
Ansible:main
Ansible:master
..
compare: Ansible:master
Branches Tags
Ansible:main
Ansible:master

No commits in common. "main" and "master" have entirely different histories.
main ... master

4 changed files with 19 additions and 14 deletions
Show stats Expand all files Collapse all files

1
defaults/main.yml
View file

@ -4,3 +4,4 @@ selfsignedcert_suffix_csr: csr.pem
selfsignedcert_suffix_crt: crt.pem selfsignedcert_suffix_crt: crt.pem
selfsignedcert_suffix_combined: pem selfsignedcert_suffix_combined: pem

1
selfsignedcert.yml → example_playbook.yml
View file

@ -4,3 +4,4 @@
roles: roles:
- role: selfsignedcert - role: selfsignedcert
selfsignedcert_basename: ./example-cert selfsignedcert_basename: ./example-cert

3
meta/main.yml
View file

@ -7,8 +7,9 @@ galaxy_info:
license: GPL-2.0-or-later license: GPL-2.0-or-later
min_ansible_version: '2.10' min_ansible_version: 2.9
galaxy_tags: galaxy_tags:
- certificate - certificate
- ssl - ssl

28
tasks/main.yml
View file

@ -1,28 +1,28 @@
--- ---
- name: Sanity checks - name: Sanity checks
ansible.builtin.assert: assert:
that: that:
- selfsignedcert_basename | default("") != "" - selfsignedcert_basename|default("") != ""
- name: Generate private key - name: Generate private key
community.crypto.openssl_privatekey: openssl_privatekey:
path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}' path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}'
size: '{{ selfsignedcert_keysize | default(2048) }}' size: '{{ selfsignedcert_keysize|default(2048) }}'
mode: '0600' mode: 0600
register: selfsignedcert_result_key register: selfsignedcert_result_key
- name: Generate CSR - name: Generate CSR
community.crypto.openssl_csr: openssl_csr:
path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}' path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}'
privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}' privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}'
common_name: '{{ selfsigned_cn | default(ansible_hostname) }}' common_name: '{{ selfsigned_cn|default(ansible_hostname) }}'
subject_alt_name: '{{ selfsigned_san | default([]) }}' subject_alt_name: '{{ selfsigned_san|default([]) }}'
- name: Generate certificate - name: Generate certificate
community.crypto.x509_certificate: openssl_certificate:
path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_crt }}' path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_crt }}'
privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}' privatekey_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_key }}'
csr_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}' csr_path: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_csr }}'
@ -31,9 +31,11 @@
- name: Combine key and certificate - name: Combine key and certificate
ansible.builtin.template: template:
src: combined.j2 src: combined.j2
dest: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_combined }}' dest: '{{ selfsignedcert_basename }}.{{ selfsignedcert_suffix_combined }}'
mode: '0600' mode: 0600
backup: true backup: yes
when: not selfsignedcert_suffix_combined when: selfsignedcert_suffix_combined != False