
Selfsigned cert task - initial work (#5)

initial commit for selfsigned cert task

Co-authored-by: muppeth <muppeth@disroot.org>
Reviewed-on: https://git.disroot.org/Disroot-Ansible/nginx/pulls/5
Reviewed-by: meaz <meaz@no-reply@disroot.org>
Reviewed-by: antilopa <antilopa@no-reply@disroot.org>
Co-Authored-By: muppeth <muppeth@no-reply@disroot.org>
Co-Committed-By: muppeth <muppeth@no-reply@disroot.org>
pull/6/head
muppeth 1 month ago
parent
commit
a9ebf9f942
  1. 37
      tasks/ssl.yml

37
tasks/ssl.yml

@ -48,3 +48,40 @@
with_items: "{{ nginx_vhosts }}"
when: item.copy_ssl is defined
notify: reload nginx
- name: "[SELFSIGNED] - Create Key folder"
file:
path: "{{ nginx_ssl_dir }}/{{ item.ssl_name }}"
state: directory
mode: 0755
with_items: "{{ nginx_vhosts }}"
when: item.selfsigned is defined and item.selfsigned == 'true'
notify: reload nginx
- name: '[SELFSIGNED] - Create a self-signed key'
openssl_privatekey:
path: '{{ ssl_src_path }}/{{ item.ssl_name }}/privkey.pem'
size: 2048
type: RSA
with_items: "{{ nginx_vhosts }}"
when: item.selfsigned is defined and item.state == 'enable' and item.selfsigned == 'true'
notify: reload nginx
- name: '[SELFSIGNED] - Generate OpenSSL Certificate Signing Request (CSR)'
openssl_csr:
path: '{{ ssl_src_path }}/{{ item.ssl_name }}/selfsigned.crs'
privatekey_path: '{{ ssl_src_path }}/{{ item.ssl_name }}/privkey.pem'
with_items: "{{ nginx_vhosts }}"
when: item.selfsigned is defined and item.state == 'enable' and item.selfsigned == 'true'
notify: reload nginx
- name: '[SELFSIGNED] - Create a self-signed certificate'
openssl_certificate:
path: '{{ ssl_src_path }}/{{ item.ssl_name }}/fullchain.pem'
privatekey_path: '{{ ssl_src_path }}/{{ item.ssl_name }}/privkey.pem'
csr_path: '{{ ssl_src_path }}/{{ item.ssl_name }}/selfsigned.crs'
provider: selfsigned
with_items: "{{ nginx_vhosts }}"
when: item.selfsigned is defined and item.state == 'enable' and item.selfsigned == 'true'
notify: reload nginx
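Review bot: The `Create Key folder` task creates `{{ nginx_ssl_dir }}/{{ item.ssl_name }}` with an unquoted `mode: 0755`, while the key, CSR and certificate tasks all write under `{{ ssl_src_path }}/{{ item.ssl_name }}`. Unless the two variables resolve to the same path (not visible in this hunk), the directory that ends up holding `privkey.pem` is neither created nor restricted by these tasks. I would point the `file` task at the same base path as the key, tighten it to something like `mode: '0750'` with explicit `owner`/`group`, and set `mode: '0600'` on `openssl_privatekey` instead of relying on the module's default. The `openssl_csr` task sets neither `common_name` nor `subject_alt_name`, so the certificate will not name the vhost it is served for; adding `subject_alt_name: 'DNS:{{ item.<vhost-name-field> }}'` (placeholder, the field name is not shown here) would fix that. Separately, `item.selfsigned == 'true'` matches only the string, so a boolean `selfsigned: true` in `nginx_vhosts` would silently skip every task; `item.selfsigned | default(false) | bool` handles both forms, and the folder task should carry the same `item.state == 'enable'` guard as the other three.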