Pains-Perdus/ansible_hacky_pki
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

censor the logs

Browse source
This commit is contained in:
histausse 2021-09-11 17:33:48 +02:00
parent 0a3b7bf590
commit 3a4d709275
Signed by: histausse
GPG key ID: 67486F107F62E9E9
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
roles/generate-cert/tasks/main.yml
View file

@ -69,6 +69,7 @@
dest: "/tmp/ansible_hacky_pki_ca.key" dest: "/tmp/ansible_hacky_pki_ca.key"
mode: u=rw,g=,o= mode: u=rw,g=,o=
delegate_to: localhost delegate_to: localhost
no_log: yes
when: force_renewal or (not key_file.stat.exists) or (not cert_file.stat.exists) or (not validity.valid_at.renewal) when: force_renewal or (not key_file.stat.exists) or (not cert_file.stat.exists) or (not validity.valid_at.renewal)
- name: Sign the certificate - name: Sign the certificate
@ -91,6 +92,7 @@
owner: "{{ owner | default('root') }}" owner: "{{ owner | default('root') }}"
group: "{{ group | default('root') }}" group: "{{ group | default('root') }}"
mode: "{{ key_mode | default('u=rw,g=,o=') }}" mode: "{{ key_mode | default('u=rw,g=,o=') }}"
no_log: yes
when: force_renewal or (not key_file.stat.exists) or (not cert_file.stat.exists) or (not validity.valid_at.renewal) when: force_renewal or (not key_file.stat.exists) or (not cert_file.stat.exists) or (not validity.valid_at.renewal)
- name: Send certificate to the server - name: Send certificate to the server