- name: include pre_requisite.yml
  import_tasks: pre_requisite.yml

- name: creating cfssl config file
  template:
    src: cfssl.json.j2
    dest: '{{cfssl_config_file}}'
    owner: root
    group: root
    mode: 0600

- name: creating csr file
  template:
    src: csr.json.j2
    dest: '{{cfssl_csr_file}}'
    owner: root
    group: root
    mode: 0644

- name: generate private key, csr and certificate
  shell: '{{cfssl_bin_directory}}/cfssl gencert -config {{cfssl_config_file}} -profile "{{cfssl_profile}}" {{cfssl_csr_file}}| cfssljson -bare {{inventory_hostname_short}}'
  args:
    chdir: '{{ssl_dir}}'

- name: move key file to {{key_file}}
  shell: 'mv {{ssl_dir}}/{{inventory_hostname_short}}-key.pem {{key_file}}'

- name: move cert file to {{cert_file}}
  hell: 'mv {{ssl_dir}}/{{inventory_hostname_short}}.pem {{cert_file}}'

- name: recuperate ca certificate
  shell: '{{cfssl_bin_directory}}/cfssl info -remote "{{cfssl_serve_url}}"  | cfssljson -bare -stdout > /usr/local/share/ca-certificates/{{ca_filename}}'
  when: integrate_ca

- name: Update CA Store
  shell: 'update-ca-certificates'
  when: integrate_ca