Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
uib-ub
Drift
roller-ansible
apache
Commits
521a4c5b
Commit
521a4c5b
authored
Sep 29, 2020
by
Oyvind.Gjesdal
Browse files
add cert_t type, add aes256 cipher, create symlinks, comment for uib cert examples
parent
664d0062
Changes
1
Hide whitespace changes
Inline
Side-by-side
tasks/uib_ssl.yml
View file @
521a4c5b
...
...
@@ -22,6 +22,7 @@
owner
:
"
root"
group
:
"
root"
mode
:
"
0550"
setype
:
"
cert_t"
loop
:
"
{{
apache_vhosts
}}"
when
:
"
item.ssl_type
==
'uib'"
...
...
@@ -41,6 +42,8 @@
path
:
"
{{
apache_digicert_uib_home
}}/archive/{{
item.servername
}}/priv_key.pem"
backup
:
"
yes"
size
:
"
2048"
setype
:
"
cert_t"
cipher
:
"
aes256"
loop
:
"
{{
apache_vhosts
}}"
when
:
"
item.ssl_type
|
default('certbot')==
'uib'"
...
...
@@ -65,8 +68,23 @@
loop
:
"
{{
apache_vhosts
}}"
when
:
"
item.ssl_type
|
default('certbot')==
'uib'
and
apache_csr_result.changed
|
bool"
-
name
:
"
set
selinux
label"
-
name
:
"
create
symlinks
for
private
keys"
file
:
state
:
"
link"
src
:
"
"
{
apache_digicert_uib_home
}
}
/archive/{{ item.servername }}/priv_key.pem"
dest
:
"
/etc/pki/tls/private/{{item.servername
}}.pem"
loop
:
"
{{
apache_vhosts
}}"
when
:
"
item.ssl_type
|
default('certbot')==
'uib'"
#- name: "get certificate url from ITA"
# prompt_vars:
# get_url:
#SSLCertificateFile /etc/pki/tls/certs/domene.uib.no.crt
#SSLCertificateKeyFile /etc/pki/tls/private/domene.uib.no.key
# SSLCertificateChainFile /etc/pki/tls/certs/digicertca2.uib.no.crt
# @todo multiple domains
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment