# Pull in the tasks defined in pre_requisite.yml. import_tasks is resolved
# statically, when the playbook is parsed, not at run time.
- name: include pre_requisite.yml
  import_tasks: 'pre_requisite.yml'
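# Render the cfssl configuration from cfssl.json.j2 to cfssl_config_file.
# The file is owned by root and readable/writable by root only.
# NOTE(review): the template is not visible here; if it carries an auth key
# for a remote signer, this 0600 mode is what protects it. Confirm.
- name: creating cfssl config file
  template:
    src: cfssl.json.j2
    dest: '{{ cfssl_config_file }}'
    owner: root
    group: root
    # Quoted so the mode reaches the module as a string and is never
    # re-typed as an integer by the YAML parser.
    mode: '0600'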
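# Render the certificate signing request description from csr.json.j2 to
# cfssl_csr_file. The file is world-readable (0644).
# NOTE(review): assumes csr.json.j2 holds only request metadata and no
# secret material. Confirm against the template.
- name: creating csr file
  template:
    src: csr.json.j2
    dest: '{{ cfssl_csr_file }}'
    owner: root
    group: root
    # Quoted so the mode reaches the module as a string and is never
    # re-typed as an integer by the YAML parser.
    mode: '0644'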
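# Run `cfssl gencert` with the rendered config, profile and CSR file, and
# pipe its JSON output to `cfssljson -bare`, which writes the resulting
# files into ssl_dir (chdir) using the short inventory hostname as prefix.
# The following tasks pick up <prefix>-key.pem and <prefix>.pem from there.
#
# pipefail makes a failing `cfssl gencert` fail the task; without it only
# the exit status of cfssljson counts and a signing error can pass
# unnoticed. pipefail is a bash feature, so bash is requested explicitly
# instead of the default /bin/sh.
#
# NOTE(review): cfssljson is resolved through PATH while cfssl is called
# from cfssl_bin_directory. Confirm the PATH of the executing user is
# trusted, or call both from the same directory.
# NOTE(review): the task has no `creates:` guard, so every run issues a new
# key and certificate. Confirm this is intended.
- name: generate private key, csr and certificate
  shell: >-
    set -o pipefail &&
    {{ cfssl_bin_directory }}/cfssl gencert
    -config {{ cfssl_config_file }}
    -profile "{{ cfssl_profile }}"
    {{ cfssl_csr_file }} |
    cfssljson -bare {{ inventory_hostname_short }}
  args:
    chdir: '{{ ssl_dir }}'
    executable: /bin/bash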
# Relocate the generated private key from ssl_dir to key_file.
# NOTE(review): mv keeps whatever owner and mode the key was written with;
# nothing in this task enforces restrictive permissions on key_file.
# Confirm the key is not group- or world-readable at its destination.
- name: 'move key file to {{key_file}}'
  shell: >-
    mv {{ssl_dir}}/{{inventory_hostname_short}}-key.pem {{key_file}}
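# Relocate the issued certificate from ssl_dir to cert_file.
# The module key was `hell`, which is not a module name; it is corrected to
# `shell`, matching the sibling task that moves the key file.
- name: move cert file to {{cert_file}}
  shell: 'mv {{ssl_dir}}/{{inventory_hostname_short}}.pem {{cert_file}}'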
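# Fetch the CA certificate from the cfssl server at cfssl_serve_url and
# write it into /usr/local/share/ca-certificates/ so it can be added to the
# system trust store. Runs only when integrate_ca is true.
#
# pipefail makes a failing `cfssl info` fail the task instead of being
# masked by the exit status of cfssljson. pipefail is a bash feature, so
# bash is requested explicitly instead of the default /bin/sh.
# The redirect still creates or truncates the target file before the
# pipeline runs, so a failed run can leave an empty file behind.
#
# NOTE(review): whatever this request returns becomes a trust anchor for
# the whole host. Its authenticity rests on the connection to
# cfssl_serve_url; confirm the URL uses an authenticated transport, or
# verify the fetched certificate against a fingerprint obtained out of band
# before the trust store is updated.
- name: recuperate ca certificate
  shell: >-
    set -o pipefail &&
    {{ cfssl_bin_directory }}/cfssl info -remote "{{ cfssl_serve_url }}" |
    cfssljson -bare -stdout
    > /usr/local/share/ca-certificates/{{ ca_filename }}
  args:
    executable: /bin/bash
  when: integrate_ca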
# Run update-ca-certificates so that certificates placed under
# /usr/local/share/ca-certificates/ are added to the system trust store.
# Runs only when integrate_ca is true.
- name: Update CA Store
  shell: update-ca-certificates
  when: integrate_ca