# Make sure the directory that holds HAProxy's certificate bundles is present.
# Despite the task name, state=directory creates the path when it is missing.
# NOTE(review): no mode/owner is set here, so a newly created directory takes
# the remote umask defaults; confirm that is acceptable for a directory that
# stores private-key material.
- name: Check if ssl dir exist
  ansible.builtin.file:
    path: "{{ haproxy_ssl_path }}"
    state: directory
  when: haproxy_ssl
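# Upload an operator-supplied certificate bundle and reload HAProxy when it
# changes.
# The destination is the same path the self-signed tasks fill with
# certificate + private key, so the file is treated as key material and
# created owner-read/write only instead of inheriting the remote umask.
# NOTE(review): owner/group stay at the default (the connecting or become
# user); adjust if HAProxy reads certificates as an unprivileged user.
# NOTE(review): the condition tests haproxy_cert while src/dest are built from
# haproxy_cert_name; confirm the two variables are always set together.
- name: Add predefined ssl cert for HAProxy
  ansible.builtin.copy:
    src: "{{ haproxy_cert_name }}"
    dest: "{{ haproxy_ssl_path }}/{{ haproxy_cert_name }}"
    mode: "0600"
  notify: Reload HAProxy
  when: haproxy_cert is defined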
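# Self-signed fallback: generate a key and certificate in a working directory
# and concatenate them into the single PEM bundle HAProxy loads.
# The whole block runs only when haproxy_self_signed_cert is truthy; the
# generation tasks are additionally skipped when haproxy_cert is defined.
- block:
    # NOTE(review): no mode is set, so the working directory takes the remote
    # umask defaults. The private key below carries its own restrictive mode.
    - name: Check if temp ssl dir exist
      ansible.builtin.file:
        path: "{{ haproxy_self_signed_cert_gen_path }}"
        state: directory

    # mode is stated explicitly so the key is never group- or world-readable,
    # independent of module defaults or the remote umask.
    - name: Generate an OpenSSL private key with the default values (4096 bits, RSA)
      community.crypto.openssl_privatekey:
        path: "{{ haproxy_self_signed_cert_gen_path }}/key.pem"
        mode: "0600"
      when: haproxy_cert is not defined
      register: haproxy_key_gen

    # provider=selfsigned: the certificate does not chain to any trusted CA,
    # so clients that verify the peer will reject it unless it is pinned or
    # explicitly trusted. Treat it as a bootstrap/test certificate.
    - name: Generate a Self Signed OpenSSL certificate
      community.crypto.x509_certificate:
        path: "{{ haproxy_self_signed_cert_gen_path }}/cert.crt"
        privatekey_path: "{{ haproxy_self_signed_cert_gen_path }}/key.pem"
        provider: selfsigned
      when: haproxy_cert is not defined
      register: haproxy_cert_gen

    # Build the combined bundle (certificate first, then key).
    # - set -eu: a failed read of either input fails the task instead of
    #   leaving a partial bundle behind with a zero exit status.
    # - umask 077 + chmod: the bundle contains the private key; umask covers
    #   first creation, chmod covers a pre-existing file whose mode would
    #   otherwise survive the truncating redirect.
    # - quote: paths are passed to the shell as single words even if they
    #   contain spaces or shell metacharacters.
    # NOTE(review): the bundle is rebuilt only when the key or certificate
    # changed in this run; a bundle deleted by hand is not recreated.
    - name: Cat cert and key to single file for HAProxy
      ansible.builtin.shell: |
        set -eu
        umask 077
        bundle={{ (haproxy_ssl_path ~ '/' ~ haproxy_cert_name) | quote }}
        cat {{ (haproxy_self_signed_cert_gen_path ~ '/cert.crt') | quote }} \
            {{ (haproxy_self_signed_cert_gen_path ~ '/key.pem') | quote }} > "$bundle"
        chmod 0600 "$bundle"
      when: haproxy_cert_gen.changed or haproxy_key_gen.changed
      notify: Reload HAProxy
  when: haproxy_self_signed_cert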