nis/roles/common/tasks/pure-ftpd/tls-certificate.yml
2022-02-20 12:07:59 +01:00


---
# ---
# TLS Certificate
# ---
# - method 'generate'
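# Creates a self-signed certificate and its unencrypted (-nodes) RSA key in
# one PEM file; -keyout and -out deliberately point at the same path.
# The command is passed as argv rather than a free-form string so that each
# templated value reaches openssl as exactly one argument, whatever
# whitespace or quote characters it contains.
# NOTE(review): the key file gets whatever mode openssl and the process umask
# give it; root-only 0600 is enforced by the following task, so confirm the
# file is not readable by other users in between.
# NOTE(review): 'creates' skips this task once the file exists, so an expired
# certificate is not regenerated here; renewal has to be handled separately.
- name: Generate Pure-FTPd TLS certificate.
  command:
    argv:
      - openssl
      - req
      - -x509
      - -nodes
      - -newkey
      - "rsa:{{ pureftpd_tls_certificate_openssl.size | default(4096) }}"
      - -sha256
      - -days
      - "{{ pureftpd_tls_certificate_openssl.days | default(365) }}"
      - -keyout
      - "{{ pureftpd_tls_certificate_pem }}"
      - -out
      - "{{ pureftpd_tls_certificate_pem }}"
      - -subj
      - "/C={{ pureftpd_tls_certificate_openssl.country | default('') }}/ST={{ pureftpd_tls_certificate_openssl.state | default('') }}/L={{ pureftpd_tls_certificate_openssl.locality | default('') }}/O={{ pureftpd_tls_certificate_openssl.organization | default('') }}/OU={{ pureftpd_tls_certificate_openssl.unit | default('') }}/CN={{ pureftpd_tls_certificate_openssl.fqdn }}"
    # Idempotence guard: do nothing when the PEM file is already present.
    creates: "{{ pureftpd_tls_certificate_pem }}"
  when:
    - pureftpd_tls_certificate_method == 'generate'
    - pureftpd_tls_certificate_openssl | length > 0
  notify: restart Pure-FTPd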
# The generated PEM holds the unencrypted private key next to the
# certificate, so it is restricted to root read/write.
# Only applied for the 'generate' method; a PEM supplied any other way is
# not touched by this task.
- name: Ensure Pure-FTPd TLS certificate permissions.
  file:
    state: file
    path: "{{ pureftpd_tls_certificate_pem }}"
    mode: "0600"
    owner: root
    group: root
  when: >-
    pureftpd_tls_certificate_method == 'generate'
    and pureftpd_tls_certificate_openssl | length > 0
# - final checks
# Runs for every certificate method (no 'when'); the registered result is
# read by the fail task that follows.
- name: (pure-ftpd-install.yml) Verify TLS certificate exists.
  register: pureftpd_tls_certificate
  stat:
    path: "{{ pureftpd_tls_certificate_pem }}"
# Stops the play when the stat result reports that the PEM path is absent.
# NOTE(review): this is an existence check only; the owner and mode of a PEM
# that was not produced by the 'generate' tasks are not verified here.
- name: (pure-ftpd-install.yml) Fail when no certificate is found.
  when: not (pureftpd_tls_certificate.stat.exists | default(False))
  fail:
    msg: |
      The certificate file was not found at {{ pureftpd_tls_certificate_pem }}