install local ca signed host certificates for all hosts
This commit is contained in:
parent
f038799988
commit
b18bcedb59
2 changed files with 31 additions and 1 deletions
|
|
@ -12,4 +12,9 @@
|
|||
|
||||
- name: install basic roles
|
||||
include_role:
|
||||
name: opensmtpd
|
||||
name: "{{ role }}"
|
||||
with_items:
|
||||
- opensmtpd
|
||||
- pki
|
||||
loop_control:
|
||||
loop_var: role
|
||||
|
|
|
|||
25
roles/pki/tasks/main.yml
Normal file
25
roles/pki/tasks/main.yml
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
---
|
||||
|
||||
- name: copy ca certificate
|
||||
copy:
|
||||
src: "/srv/ca/certs/ca.crt"
|
||||
dest: "/etc/pki/tls/certs/ca.crt"
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: copy host certificate
|
||||
copy:
|
||||
src: "/srv/ca/certs/{{ inventory_hostname }}.crt"
|
||||
dest: "/etc/pki/tls/certs/{{ inventory_hostname }}.crt"
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: copy host key
|
||||
copy:
|
||||
src: "/srv/ca/private/{{ inventory_hostname }}.key"
|
||||
dest: "/etc/pki/tls/private/{{ inventory_hostname }}.key"
|
||||
mode: 0600
|
||||
owner: root
|
||||
group: root
|
||||
Loading…
Add table
Reference in a new issue