|
|
|
@ -79,6 +79,15 @@
|
|
|
|
|
mode: "{{ key_mode | default('u=rw,g=,o=') }}"
|
|
|
|
|
when: not key_file.stat.exists
|
|
|
|
|
|
|
|
|
|
- name: Send certificate to the server
|
|
|
|
|
copy:
|
|
|
|
|
src: "/tmp/ansible_hacky_pki_{{ cname }}.crt"
|
|
|
|
|
dest: "{{ directory }}/{{ cname }}.crt"
|
|
|
|
|
owner: "{{ owner | default('root') }}"
|
|
|
|
|
group: "{{ group | default('root') }}"
|
|
|
|
|
mode: "{{ key_mode | default('u=rw,g=r,o=r') }}"
|
|
|
|
|
when: not key_file.stat.exists
|
|
|
|
|
|
|
|
|
|
# Clean up
|
|
|
|
|
- name: Remove the local cert key
|
|
|
|
|
become: false
|
|
|
|
@ -95,3 +104,27 @@
|
|
|
|
|
state: absent
|
|
|
|
|
delegate_to: localhost
|
|
|
|
|
when: not key_file.stat.exists
|
|
|
|
|
|
|
|
|
|
- name: Remove the local certificate
|
|
|
|
|
become: false
|
|
|
|
|
file:
|
|
|
|
|
path: "/tmp/ansible_hacky_pki_{{ cname }}.crt"
|
|
|
|
|
state: absent
|
|
|
|
|
delegate_to: localhost
|
|
|
|
|
when: not key_file.stat.exists
|
|
|
|
|
|
|
|
|
|
- name: Remove the CA certificate
|
|
|
|
|
become: false
|
|
|
|
|
file:
|
|
|
|
|
path: /tmp/ansible_hacky_pki_ca.crt
|
|
|
|
|
state: absent
|
|
|
|
|
delegate_to: localhost
|
|
|
|
|
when: not key_file.stat.exists
|
|
|
|
|
|
|
|
|
|
- name: Remove the CA key
|
|
|
|
|
become: false
|
|
|
|
|
file:
|
|
|
|
|
path: /tmp/ansible_hacky_pki_ca.key
|
|
|
|
|
state: absent
|
|
|
|
|
delegate_to: localhost
|
|
|
|
|
when: not key_file.stat.exists
|
|
|
|
|