From c9b21a3286bbc975aed4c847f0deed3f28559f19 Mon Sep 17 00:00:00 2001 From: Timo Makinen Date: Sat, 29 Aug 2020 15:55:51 +0000 Subject: [PATCH] Add ansible_certificate custom fact --- roles/base/tasks/main.yml | 11 +++++++++++ roles/pki/tasks/main.yml | 15 +++++++++++++++ 2 files changed, 26 insertions(+) diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml index 37d562d..70d1b17 100644 --- a/roles/base/tasks/main.yml +++ b/roles/base/tasks/main.yml @@ -1,4 +1,15 @@ --- +- name: setup ansible custom facts + file: + dest: "{{ item }}" + mode: 0755 + owner: root + group: "{{ ansible_wheel }}" + state: directory + with_items: + - /etc/ansible + - /etc/ansible/facts.d + - name: set correct hostname hostname: name: "{{ inventory_hostname }}" diff --git a/roles/pki/tasks/main.yml b/roles/pki/tasks/main.yml index 0e2a31f..0c7eb8c 100644 --- a/roles/pki/tasks/main.yml +++ b/roles/pki/tasks/main.yml @@ -30,6 +30,21 @@ owner: root group: "{{ ansible_wheel }}" +- name: add ansible certificate fact + copy: + content: | + #!/bin/sh + [ -f {{ tls_certs }}/{{ inventory_hostname }}.crt ] && awk ' + BEGIN { printf "\"" } + { if (!/^-\-/) printf "%s",$0 } + END { print "\"" } + ' {{ tls_certs }}/{{ inventory_hostname }}.crt + + dest: /etc/ansible/facts.d/ansible_certificate.fact + mode: 0755 + owner: root + group: "{{ ansible_wheel }}" + - name: create full chain of host certficate and ca shell: "cat {{ tls_certs }}/{{ inventory_hostname }}.crt \ {{ tls_certs }}/ca.crt > \
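Review bot: `mode: 0755` in the new "setup ansible custom facts" task is an unquoted octal literal, which gives the intended permissions only because the YAML 1.1 loader reads the leading zero as octal. Quoting it as `mode: "0755"` removes that dependence and follows the Ansible guidance for file modes. Executable files under /etc/ansible/facts.d are run during fact gathering, usually with elevated privileges, so the task deserves a comment such as `# facts.d scripts are executed by setup; keep these directories root-owned and not group/world-writable`. As a style point, `with_items` could be written as `loop`.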
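Review bot: When the certificate file is absent, the `[ -f … ] && awk` line in the generated fact script prints nothing and exits non-zero, so fact gathering gets no valid JSON for `ansible_certificate`. Depending on the Ansible version this probably surfaces as an error string or a warning rather than an undefined fact. Consider making the empty case explicit and quoting the templated path, e.g. `crt="{{ tls_certs }}/{{ inventory_hostname }}.crt"` followed by `[ -f "$crt" ] || { echo '""'; exit 0; }` and passing `"$crt"` to awk. The awk filter also assumes the file holds exactly one bare PEM block, so leading text or several certificates would produce invalid or concatenated output. The `copy` relies on /etc/ansible/facts.d already existing, which only the base role creates in this patch, so the pki role appears to depend on base having run first.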