ansible-role-mumble/tasks/self_signed.yml

- name: Install SSL dependencies
  package:
    name: "{{ package }}"
    state: present
  loop:
    - ssl-cert
    - python3-openssl
  loop_control:
    loop_var: package
  tags: selfsigned_install

- name: Create SSL config directories
  file:
    path: "{{ config_dir }}"
    state: directory
    owner: root
    group: "{{ acme_ssl_group }}"
    mode: "711"
  loop:
  - "{{ acme_config_dir }}"
  - "{{ acme_keys_dir }}"
  - "{{ acme_accounts_dir }}"
  - "{{ acme_csr_dir }}"
  loop_control:
    loop_var: config_dir
  tags: selfsigned_install

- name: Create {{ domain_name }} certificates directory
  file:
    path: "{{ acme_certs_dir }}/{{ domain_name }}.d"
    state: directory
    owner: root
    group: "{{ acme_ssl_group }}"
    mode: "755"
  tags: selfsigned_install

- name: Generate private key for {{ domain_name }} certificate
  openssl_privatekey:
    path: "{{ acme_keys_dir }}/{{ domain_name }}.pem"
    owner: root
    group: "{{ acme_ssl_group }}"
    mode: "640"
    type: RSA
    size: 4096

- name: Generate CSR for {{ domain_name }} certificate
  openssl_csr:
    path: "{{ acme_csr_dir }}/{{ domain_name }}.csr"
    owner: root
    group: "{{ acme_ssl_group }}"
    mode: "644"
    privatekey_path: "{{ acme_keys_dir }}/{{ domain_name }}.pem"
    common_name: "{{ domain_name }}"

- name: Generate self-signed certificate
  openssl_certificate:
    path: "{{ acme_certs_dir }}/{{ domain_name }}.d/cert.pem" 
    csr_path: "{{ acme_csr_dir }}/{{ domain_name }}.csr"
    privatekey_path: "{{ acme_keys_dir }}/{{ domain_name }}.pem"
    provider: selfsigned 
    state: present
    owner: root 
    group: "{{ acme_ssl_group }}" 
    mode: "644"
manage murmur channels; install mumble-web's self-signed cert; add molecule default scenario 2020-12-06 14:10:29 +01:00			`- name: Install SSL dependencies`
			`package:`
			`name: "{{ package }}"`
			`state: present`
			`loop:`
			`- ssl-cert`
			`- python3-openssl`
			`loop_control:`
			`loop_var: package`
			`tags: selfsigned_install`

			`- name: Create SSL config directories`
			`file:`
			`path: "{{ config_dir }}"`
			`state: directory`
			`owner: root`
			`group: "{{ acme_ssl_group }}"`
			`mode: "711"`
			`loop:`
			`- "{{ acme_config_dir }}"`
			`- "{{ acme_keys_dir }}"`
			`- "{{ acme_accounts_dir }}"`
			`- "{{ acme_csr_dir }}"`
			`loop_control:`
			`loop_var: config_dir`
			`tags: selfsigned_install`

			`- name: Create {{ domain_name }} certificates directory`
			`file:`
			`path: "{{ acme_certs_dir }}/{{ domain_name }}.d"`
			`state: directory`
			`owner: root`
			`group: "{{ acme_ssl_group }}"`
			`mode: "755"`
			`tags: selfsigned_install`

			`- name: Generate private key for {{ domain_name }} certificate`
			`openssl_privatekey:`
			`path: "{{ acme_keys_dir }}/{{ domain_name }}.pem"`
			`owner: root`
			`group: "{{ acme_ssl_group }}"`
			`mode: "640"`
			`type: RSA`
			`size: 4096`

			`- name: Generate CSR for {{ domain_name }} certificate`
			`openssl_csr:`
			`path: "{{ acme_csr_dir }}/{{ domain_name }}.csr"`
			`owner: root`
			`group: "{{ acme_ssl_group }}"`
			`mode: "644"`
			`privatekey_path: "{{ acme_keys_dir }}/{{ domain_name }}.pem"`
			`common_name: "{{ domain_name }}"`

			`- name: Generate self-signed certificate`
			`openssl_certificate:`
			`path: "{{ acme_certs_dir }}/{{ domain_name }}.d/cert.pem"`
			`csr_path: "{{ acme_csr_dir }}/{{ domain_name }}.csr"`
			`privatekey_path: "{{ acme_keys_dir }}/{{ domain_name }}.pem"`
			`provider: selfsigned`
			`state: present`
			`owner: root`
			`group: "{{ acme_ssl_group }}"`
			`mode: "644"`