From 9162a800a8a5b19ede97f95b28da3dc9a1045b84 Mon Sep 17 00:00:00 2001
From: Jean-Marie Mineau <jean-marie.mineau@protonmail.com>
Date: Wed, 8 Sep 2021 21:13:51 +0200
Subject: [PATCH] remove the key file from localhost

---
 roles/generate-cert/tasks/main.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/roles/generate-cert/tasks/main.yml b/roles/generate-cert/tasks/main.yml
index f4ccaa9..451f2dd 100644
--- a/roles/generate-cert/tasks/main.yml
+++ b/roles/generate-cert/tasks/main.yml
@@ -30,3 +30,13 @@
     group: "{{ group | default('root') }}"
     mode: "{{ key_mode | default('u=rw,g=,o=') }}"
   when: not key_file.stat.exists
+
+
+# Clean up
+- name: Remove the local cert key
+  become: false
+  file:
+    path: "/tmp/ansible_hacky_pki_{{ cname }}.key"
+    state: absent
+  delegate_to: localhost
+  when: not key_file.stat.exists