foo.sh/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

create hostkey group which has read access to host certificate key

Browse source
This commit is contained in:
Timo Makinen 2019-05-24 11:57:03 +03:00
parent be9fab2fc3
commit 52c23c914f
1 changed files with 7 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

9
roles/pki/tasks/main.yml
View file

@ -1,5 +1,10 @@
--- ---
- name: create hostkey group
group:
name: hostkey
system: true
- name: copy ca certificate - name: copy ca certificate
copy: copy:
src: "/srv/ca/certs/ca.crt" src: "/srv/ca/certs/ca.crt"
@ -20,6 +25,6 @@
copy: copy:
src: "/srv/ca/private/{{ inventory_hostname }}.key" src: "/srv/ca/private/{{ inventory_hostname }}.key"
dest: "{{ tls_private }}/{{ inventory_hostname }}.key" dest: "{{ tls_private }}/{{ inventory_hostname }}.key"
mode: 0600 mode: 0640
owner: root owner: root
group: "{{ ansible_wheel }}" group: hostkey