From 1a0636307b34f65113e7109d839d58392b9a68b9 Mon Sep 17 00:00:00 2001
From: julian
Date: Mon, 1 May 2023 00:18:59 +0200
Subject: [PATCH] Use Certbot naming for certificate files
---
 playbooks/roles/cert/README.md | 1 +
 playbooks/roles/cert/tasks/deploy_cert.yml | 8 ++++----
 2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/playbooks/roles/cert/README.md b/playbooks/roles/cert/README.md
index a00253d..a6ffc60 100644
--- a/playbooks/roles/cert/README.md
+++ b/playbooks/roles/cert/README.md
@@ -22,3 +22,4 @@ The `hosts` for this role need to be the machines on which you want to have the
 -
 -
 -
+-
diff --git a/playbooks/roles/cert/tasks/deploy_cert.yml b/playbooks/roles/cert/tasks/deploy_cert.yml
index d5219d5..7a63664 100644
--- a/playbooks/roles/cert/tasks/deploy_cert.yml
+++ b/playbooks/roles/cert/tasks/deploy_cert.yml
@@ -27,7 +27,7 @@
 - name: Ensure private key for certificate exists
 community.crypto.openssl_privatekey:
- path: "/etc/ansible_certs/certs/{{ item }}/key.pem"
+ path: "/etc/ansible_certs/certs/{{ item }}/privkey.pem"
 size: 4096
 type: RSA
 owner: "{{ cert__owner }}"
@@ -38,7 +38,7 @@
 - name: Ensure certificate signing request is created
 community.crypto.openssl_csr:
 path: "/etc/ansible_certs/certs/{{ item }}/csr.pem"
- privatekey_path: "/etc/ansible_certs/certs/{{ item }}/key.pem"
+ privatekey_path: "/etc/ansible_certs/certs/{{ item }}/privkey.pem"
 common_name: "{{ item }}"
 owner: "{{ cert__owner }}"
 group: "{{ cert__group }}"
@@ -164,10 +164,10 @@
 become: true
 register: cert__fullchain_slurp
-- name: Ensure ca.pem is created
+- name: Ensure chain.pem is created
 ansible.builtin.copy:
 content: "{{ cert__fullchain_slurp.content | b64decode | replace(cert__cert_slurp.content | b64decode, '') }}"
- dest: "/etc/ansible_certs/certs/{{ item }}/ca.pem"
+ dest: "/etc/ansible_certs/certs/{{ item }}/chain.pem"
 owner: "{{ cert__owner }}"
 group: "{{ cert__group }}"
 mode: "0660"
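Review bot: In the `deploy_cert.yml` hunk at `@@ -27,7 +27,7 @@`, nothing handles a `key.pem` that already exists on hosts deployed under the old name. With no file at the new `privkey.pem` path, `community.crypto.openssl_privatekey` will presumably generate a fresh key, while the old private key stays on disk outside the role's management. The same applies to `ca.pem` in the `@@ -164,10 +164,10 @@` hunk, and any service still configured for the old names keeps loading the stale files. A cleanup step for the legacy names, run once consumers reference the new paths, would close that gap. The task list continues outside the hunk, so loop and privilege settings should follow the neighbouring tasks.

```yaml
# … run once consumers reference privkey.pem / chain.pem …
- name: Ensure legacy key.pem is absent
  ansible.builtin.file:
    path: "/etc/ansible_certs/certs/{{ item }}/key.pem"
    state: absent
  become: true
# … same pattern for the legacy ca.pem …
```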
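Review bot: In the `@@ -164,10 +164,10 @@` hunk, `chain.pem` is derived by deleting the text of `cert__cert_slurp` from `cert__fullchain_slurp` with `replace(...)`, and nothing checks that the deletion actually matched. If the two slurped files ever differ in whitespace or line endings, the file written under the Certbot name would still contain the leaf certificate, whereas a Certbot-style `chain.pem` is expected to hold intermediates only. An assert ahead of the copy task would turn that silent case into a visible failure. Separately, `mode: "0660"` leaves the chain group-writable; `mode: "0640"` would be enough if the group only needs to read it. The copy task may continue below the hunk.

```yaml
- name: Ensure the leaf certificate occurs verbatim in the full chain
  ansible.builtin.assert:
    that:
      - (cert__cert_slurp.content | b64decode) in (cert__fullchain_slurp.content | b64decode)
    fail_msg: "leaf certificate not found verbatim in full chain; chain.pem would still contain it"
# … unchanged: "Ensure chain.pem is created" copy task …
```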