
selfsigned.yml 1.4KB

  # Make sure the openssl package is present before any certificate work starts.
  - name: Install Self Signed Cert stuff
    tags:
      - dependencies
    vars:
      packages:
        - openssl
    apt:
      state: present
      name: '{{ packages }}'
  # The ssl-cert group is the group that later tasks in this file give access
  # to the certificate tree under /etc/letsencrypt/live.
  - name: Add group name ssl-cert for SSL certificates
    group:
      state: present
      name: ssl-cert
  # Root-owned parent directory for the certificate tree. No mode is given, so
  # the permission bits of a newly created directory are left to the host.
  - name: Create directory for certificates
    file:
      path: /etc/letsencrypt
      state: directory
      owner: root
      group: root
  # Per-domain directory; owned by root, with ssl-cert as the owning group.
  - name: Create live directory for certificates
    file:
      path: '/etc/letsencrypt/live/{{ domain }}'
      state: directory
      owner: root
      group: ssl-cert
  # Render the certificate-generation script onto the host.
  # NOTE(review): the script is owned by the deploy account and sits in that
  # account's home directory, and the next task in this file executes it. If the
  # play runs with elevated privileges (not visible here), deploy can change what
  # gets run; a root-owned script outside /home/deploy would avoid that - confirm.
  - name: Add script for cert creation
    template:
      src: home_deploy_ssl-self-signed.sh.j2
      dest: /home/deploy/ssl-self-signed.sh
      owner: deploy
      group: deploy
      mode: '755'
  # Run the rendered script and queue the apache restart handler.
  # NOTE(review): the task has no creates/changed_when guard, so it runs and
  # notifies the handler on every play. If the script issues a fresh CA each
  # time, the CA copies fetched at the end of this file stop matching what
  # clients already trust - confirm the script is idempotent.
  - name: Create self signed certificates
    command:
      argv:
        - /home/deploy/ssl-self-signed.sh
    notify: restart apache
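  # Give root full access and the ssl-cert group read access to everything
  # below /etc/letsencrypt/live, and no access to anyone else.
  # A recursive numeric 0750 also sets the execute bit on every regular file in
  # the tree. The symbolic form with a capital X keeps directories traversable
  # (0750) but leaves regular files at 0640 unless they were already executable.
  # NOTE(review): presumably the private key is written under this tree, in
  # which case every member of ssl-cert can read it - keep membership minimal.
  - name: Modify permissions to allow ssl-cert group access to live
    file:
      path: /etc/letsencrypt/live
      owner: root
      group: ssl-cert
      mode: 'u=rwX,g=rX,o='
      recurse: true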
  # Copy chain.pem from the host back to the control machine, below the
  # directory named by the `secret` variable; the task fails if the file is
  # missing on the host.
  # NOTE(review): by name this should hold certificates only - confirm the
  # script never writes private-key material into chain.pem.
  - name: Retrieve the self signing CA to remove warning in users browser
    fetch:
      src: '/etc/letsencrypt/live/{{ domain }}/chain.pem'
      dest: '{{ secret }}/sovereign-self-signed-ca'
      fail_on_missing: true
  # Copy fullchain.pem from the host back to the control machine, below the
  # directory named by the `secret` variable; the task fails if the file is
  # missing on the host.
  # NOTE(review): by name this should hold certificates only - confirm the
  # script never writes private-key material into fullchain.pem.
  - name: Retrieve the self signing CA and Cert to remove warning in users browser
    fetch:
      src: '/etc/letsencrypt/live/{{ domain }}/fullchain.pem'
      dest: '{{ secret }}/sovereign-self-signed-chain'
      fail_on_missing: true