Commit 0a8cf88f authored by Oyvind.Gjesdal's avatar Oyvind.Gjesdal
Browse files

lint uib_ssl.yml

parent 8b95da9b
......@@ -20,7 +20,7 @@
- "{{ apache_digicert_uib_home }}"
- "{{ apache_digicert_uib_archive }}"
- "{{ apache_digicert_uib_csr }}"
- name: "create directory for vhosts"
file:
path: "{{ apache_digicert_uib_archive }}/{{ item.servername }}"
......@@ -67,19 +67,17 @@
- name: "send csr file by mail"
mail:
subject: "csr certificate request for {{ item.servername }}"
subject: "csr certificate request for {{ item.servername }}"
to: "{{ item.serveradmin }}"
attach:
- "{{ apache_digicert_uib_csr}}/{{ item.servername }}.csr"
- "{{ apache_digicert_uib_csr }}/{{ item.servername }}.csr"
body: |
Ønsker å bestille SSL sertifikat.
# noqa 201 body content of mail, newline
common_name "{{ item.servername }}"
altname: "{{ item.altname | default ('ingen') }}"
altname: "{{ item.altname | default ('ingen') }}"
wildcard: "{{ item.wildcard | default ('nei') }}"
Kan du også oppdatere sertifikatdatasen (CMDB) for {{ item.serveradmin }}?
Takk!
loop: "{{ apache_vhosts }}"
when: "item.ssl_type | default('certbot')== 'uib' and apache_csr_result.changed | bool"
......@@ -88,13 +86,13 @@
file:
state: "link"
src: "{{ apache_digicert_uib_archive }}/{{ item.servername }}/priv_key.pem"
dest: "/etc/pki/tls/private/{{item.servername }}.pem"
dest: "/etc/pki/tls/private/{{ item.servername }}.pem"
loop: "{{ apache_vhosts }}"
when: "item.ssl_type | default('certbot')== 'uib'"
- name: "Get certificate with certificate only"
loop: "{{ apache_vhosts }}"
get_url:
get_url:
url: "{{ item.certificate_only_url }}"
setype: "cert_t"
dest: "{{ apache_digicert_uib_archive }}//{{ item.servername }}/cert.cer"
......@@ -111,7 +109,6 @@
backup: "yes"
mode: "0444"
when: "item.ssl_type | default('certbot')== 'uib' and item.certificate_interm_only_url is defined"
#- name: "concat cert and intermediate"
# loop: "{{ apache_vhosts }}"
......@@ -129,7 +126,7 @@
loop: "{{ apache_vhosts }}"
file:
state: "link"
src: "{{ apache_digicert_uib_archive }}/{{ item.servername }}/cert.cer"
src: "{{ apache_digicert_uib_archive }}/{{ item.servername }}/cert.cer"
dest: "/etc/pki/tls/certs/{{ item.servername }}.pem"
when: "item.ssl_type | default('certbot')== 'uib' and item.certificate_only_url is defined"
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment