foo.sh/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Re organized internal CA directories

Browse source
This commit is contained in:
Timo Makinen 2021-10-07 18:03:05 +00:00
parent ee39a34fad
commit 7a2b2c0b48
6 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
roles/dovecot/tasks/main.yml
View file

@ -36,7 +36,7 @@
group: "{{ ansible_wheel }}" group: "{{ ansible_wheel }}"
with_first_found: with_first_found:
- "/srv/letsencrypt/live/{{ mail_server }}/fullchain.pem" - "/srv/letsencrypt/live/{{ mail_server }}/fullchain.pem"
- "/srv/ca/certs/{{ inventory_hostname }}.crt" - "/srv/ca/certs/hosts/{{ inventory_hostname }}.crt"
tags: certificates tags: certificates
notify: restart dovecot notify: restart dovecot

4
roles/nginx/site/tasks/main.yml
View file

@ -41,7 +41,7 @@
validate: /usr/bin/openssl x509 -in %s -noout validate: /usr/bin/openssl x509 -in %s -noout
with_first_found: with_first_found:
- "/srv/letsencrypt/live/{{ site }}/fullchain.pem" - "/srv/letsencrypt/live/{{ site }}/fullchain.pem"
- "/srv/ca/certs/{{ site }}.crt" - "/srv/ca/certs/hosts/{{ site }}.crt"
- "/srv/ca/certs/{{ inventory_hostname }}.crt" - "/srv/ca/certs/hosts/{{ inventory_hostname }}.crt"
tags: certificates tags: certificates
notify: restart nginx notify: restart nginx

4
roles/nsd/tasks/main.yml
View file

@ -22,8 +22,8 @@
group: "{{ ansible_wheel }}" group: "{{ ansible_wheel }}"
with_first_found: with_first_found:
- "/srv/letsencrypt/live/{{ nsd_server }}/fullchain.pem" - "/srv/letsencrypt/live/{{ nsd_server }}/fullchain.pem"
- "/srv/ca/certs/{{ site }}.crt" - "/srv/ca/certs/hosts/{{ site }}.crt"
- "/srv/ca/certs/{{ inventory_hostname }}.crt" - "/srv/ca/certs/hosts/{{ inventory_hostname }}.crt"
tags: certificates tags: certificates
notify: restart nsd notify: restart nsd

2
roles/pki/tasks/main.yml
View file

@ -24,7 +24,7 @@
- name: copy host certificate - name: copy host certificate
copy: copy:
src: "/srv/ca/certs/{{ inventory_hostname }}.crt" src: "/srv/ca/certs/hosts/{{ inventory_hostname }}.crt"
dest: "{{ tls_certs }}/{{ inventory_hostname }}.crt" dest: "{{ tls_certs }}/{{ inventory_hostname }}.crt"
mode: 0644 mode: 0644
owner: root owner: root

4
roles/sendmail/tasks/main.yml
View file

@ -41,8 +41,8 @@
validate: /usr/bin/openssl x509 -in %s -noout validate: /usr/bin/openssl x509 -in %s -noout
with_first_found: with_first_found:
- "/srv/letsencrypt/live/{{ mail_server }}/cert.pem" - "/srv/letsencrypt/live/{{ mail_server }}/cert.pem"
- "/srv/ca/certs/{{ mail_server }}.crt" - "/srv/ca/certs/hosts/{{ mail_server }}.crt"
- "/srv/ca/certs/{{ inventory_hostname }}.crt" - "/srv/ca/certs/hosts/{{ inventory_hostname }}.crt"
tags: certificates tags: certificates
notify: restart sendmail notify: restart sendmail

2
roles/thinlinc-server/tasks/main.yml
View file

@ -70,7 +70,7 @@
group: "{{ ansible_wheel }}" group: "{{ ansible_wheel }}"
with_first_found: with_first_found:
- "/srv/letsencrypt/live/{{ inventory_hostname }}/privkey.pem" - "/srv/letsencrypt/live/{{ inventory_hostname }}/privkey.pem"
- "/srv/ca/certs/{{ inventory_hostname }}.key" - "/srv/ca/certs/hosts/{{ inventory_hostname }}.key"
tags: certificates tags: certificates
notify: restart tlwebaccess notify: restart tlwebaccess