jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-04-12 00:03:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
ansible-roles/roles/includes/create_selfsigned_cert.yml
Daniel Berteaud d87c1bdc89 Update to 2023-07-08 16:00
2023-07-08 16:00:11 +02:00

25 lines
1.0 KiB
YAML
Raw Blame History

---
- name: Ensure openssl is installed
package: name=openssl
when: openssl_installed is not defined
- name: Mark openssl as installed
set_fact: openssl_installed=True
- name: Create cert dir
file: path={{ cert_path | dirname }} state=directory
- name: Create private key directory
file: path={{ cert_key_path | dirname }} state=directory owner={{ cert_user | default(omit) }}
- name: Create the self signed certificate
command: openssl req -x509 -newkey rsa:{{ cert_key_size | default(4096) }} \
-subj "{{ cert_subj | default('/C=FR/ST=Aquitaine/L=Ehtrace/O=IT Security/CN=' + inventory_hostname) }}" \
-nodes -keyout {{ cert_key_path }} -out {{ cert_path }} -days {{ cert_validity | default(3650) }}
args:
creates: "{{ cert_path }}"
- name: Restrict permissions of the private key
file: path={{ cert_key_path }} owner={{ cert_key_user | default(omit) }} group={{ cert_key_group | default(omit) }} mode={{ (cert_key_mode | default('600') == 'omit') | ternary(omit, cert_key_mode | default('600')) }}
Reference in New Issue View Git Blame Copy Permalink