ansible_hacky_pki/roles/generate-cert/tasks/main.yml

32 lines
836 B
YAML

---
- name: Test
ansible.builtin.debug:
msg: "Test"
- name: Ensure the directory containing the cert exist
file:
path: "{{ directory }}"
state: directory
- name: Test if the key already exist
stat:
path: "{{ directory }}/{{ cname }}.key"
register: key_file
- name: Generate private key
become: false
openssl_privatekey:
path: "/tmp/ansible_hacky_pki_{{ cname }}.key"
mode: u=rw,g=,o=
size: "{{ key_size | default(omit) }}"
delegate_to: localhost
when: not key_file.stat.exists
- name: Send private key to the server
copy:
src: "/tmp/ansible_hacky_pki_{{ cname }}.key"
dest: "{{ directory }}/{{ cname }}.key"
owner: "{{ owner | default('root') }}"
group: "{{ group | default('root') }}"
mode: "{{ key_mode | default('u=rw,g=,o=') }}"
when: not key_file.stat.exists