pki: ansible-lint fixes
This commit is contained in:
parent
6bc466e191
commit
a849d1f2a9
1 changed files with 10 additions and 10 deletions
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
- name: create hostkey group
|
||||
- name: Create hostkey group
|
||||
ansible.builtin.group:
|
||||
name: hostkey
|
||||
system: true
|
||||
|
||||
- name: copy ca certificate
|
||||
- name: Copy ca certificate
|
||||
ansible.builtin.copy:
|
||||
src: "/srv/ca/certs/ca.crt"
|
||||
dest: "{{ tls_certs }}/ca.crt"
|
||||
|
|
@ -12,7 +12,7 @@
|
|||
owner: root
|
||||
group: "{{ ansible_wheel }}"
|
||||
|
||||
- name: get ca certificate hash
|
||||
- name: Get ca certificate hash
|
||||
ansible.builtin.command:
|
||||
argv:
|
||||
- openssl
|
||||
|
|
@ -25,11 +25,11 @@
|
|||
register: result
|
||||
changed_when: false
|
||||
|
||||
- name: store ca certificate hash
|
||||
- name: Store ca certificate hash
|
||||
ansible.builtin.set_fact:
|
||||
pki_cacert_hash: "{{ result.stdout }}"
|
||||
|
||||
- name: fix private key directory permissions
|
||||
- name: Fix private key directory permissions
|
||||
ansible.builtin.file:
|
||||
path: "{{ tls_private }}"
|
||||
mode: 0750
|
||||
|
|
@ -37,7 +37,7 @@
|
|||
group: hostkey
|
||||
when: ansible_system == "OpenBSD"
|
||||
|
||||
- name: copy host certificate
|
||||
- name: Copy host certificate
|
||||
ansible.builtin.copy:
|
||||
src: "/srv/ca/certs/hosts/{{ inventory_hostname }}.crt"
|
||||
dest: "{{ tls_certs }}/{{ inventory_hostname }}.crt"
|
||||
|
|
@ -45,7 +45,7 @@
|
|||
owner: root
|
||||
group: "{{ ansible_wheel }}"
|
||||
|
||||
- name: add ansible certificate fact
|
||||
- name: Add ansible certificate fact
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
#!/bin/sh
|
||||
|
|
@ -60,7 +60,7 @@
|
|||
owner: root
|
||||
group: "{{ ansible_wheel }}"
|
||||
|
||||
- name: create full chain certificate contents
|
||||
- name: Create full chain certificate contents
|
||||
ansible.builtin.command:
|
||||
argv:
|
||||
- cat
|
||||
|
|
@ -69,7 +69,7 @@
|
|||
changed_when: false
|
||||
register: pki_host_fullchain
|
||||
|
||||
- name: copy full chain certificate file
|
||||
- name: Copy full chain certificate file
|
||||
ansible.builtin.copy:
|
||||
dest: "{{ tls_certs }}/{{ inventory_hostname }}-fullchain.crt"
|
||||
content: "{{ pki_host_fullchain.stdout }}"
|
||||
|
|
@ -77,7 +77,7 @@
|
|||
owner: root
|
||||
group: "{{ ansible_wheel }}"
|
||||
|
||||
- name: copy host key
|
||||
- name: Copy host key
|
||||
ansible.builtin.copy:
|
||||
src: "/srv/ca/private/{{ inventory_hostname }}.key"
|
||||
dest: "{{ tls_private }}/{{ inventory_hostname }}.key"
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue