pki: Fix private key dir perms on OpenBSD

roles/pki/tasks/main.yml

@@ -29,6 +29,14 @@
   ansible.builtin.set_fact:
     pki_cacert_hash: "{{ result.stdout }}"
 
+- name: fix private key directory permissions
+  ansible.builtin.file:
+    path: "{{ tls_private }}"
+    mode: 0750
+    owner: root
+    group: hostkey
+  when: ansible_system == "OpenBSD"
+
 - name: copy host certificate
   ansible.builtin.copy:
     src: "/srv/ca/certs/hosts/{{ inventory_hostname }}.crt"