outsideopen.ssl_certificate
ansible-role-ssl-certificate
Manage an SSL certificate on a server
Installation
To install the role, run:
ansible-galaxy install outsideopen.ssl_certificate
Example Usage
Here’s how you can use the role in your playbook:
---
- hosts: webserver
roles:
- role: outsideopen.ssl_certificate
# The certificate files should be in files/certs/example_com/
# named server.crt, ca.crt, and server.key
ssl_certificate_name: example_com
Role Variables
Default Settings
| Variable | Options/Defaults | Description |
|---|---|---|
| ssl_certificate_source_path | certs | Folder to look for certificate files |
| ssl_certificate_path | /etc/ssl/private | Where to save the certificates |
| ssl_certificate_path_cert | {ssl_certificate_path}/{ssl_certificate_name} |
Full path to the certificate |
| ssl_certificate_path_owner | root | User who owns the path |
| ssl_certificate_path_group | root | Group who owns the path |
| ssl_certificate_path_mode | 0700 | Permissions for the path |
| ssl_certificate_owner | root | User who owns the certificate |
| ssl_certificate_group | root | Group who owns the certificate |
| ssl_certificate_mode | 0440 | Permissions for the certificate |
| ssl_certificate_files | List of files to copy |
ssl_certificate_files
This is a list of files you want to copy, specifying the local file and the destination file.
ssl_certificate_files_default:
- file: server.crt
dest: "{{ ssl_certificate_name }}.crt"
- file: ca.crt
dest: "{{ ssl_certificate_name }}-ca.crt"
- file: server.key
dest: "{{ ssl_certificate_name }}.key"
If you need to copy an additional file (for example, server.pfx), you would add:
ssl_certificate_files_extra:
- file: server.pfx
dest: "{{ ssl_certificate_name }}.pfx"
Testing
To test the role, you'll need Molecule and Docker set up:
pipenv shell
pip install molecule-docker
ansible-galaxy collection install community.general
molecule test
License
This project is licensed under the MIT License.
Author Information
Created by David Lundgren.
Installa
ansible-galaxy install outsideopen.ssl_certificateLicenza
mit
Download
151
Proprietario