robertdebock.openssl
Ansible Role OpenSSL
This role creates OpenSSL certificates.
| GitHub | GitLab | Downloads | Version |
|---|---|---|---|
 |
 |
 |
 |
Example Playbook
Here’s a simple example from [molecule/default/converge.yml](https://github.com/robertdebock/ansible-role-openssl/blob/master/molecule/default/converge.yml). It's tested every time there is a push, pull request, or release.
---
- name: Converge
hosts: all
become: true
gather_facts: true
roles:
- role: robertdebock.openssl
openssl_items:
- name: my_openssl_key
common_name: my.example.com
Before running this, you need to prepare the machine. In CI, it’s done with `molecule/default/prepare.yml:
---
- name: Prepare
hosts: all
become: true
gather_facts: false
roles:
- role: robertdebock.bootstrap
- role: robertdebock.buildtools
- role: robertdebock.epel
- role: robertdebock.python_pip
# python_pip_update: false
For more details, see a full explanation and example of how to use these roles.
Role Variables
Default values for the variables are set in [defaults/main.yml](https://github.com/robertdebock/ansible-role-openssl/blob/master/defaults/main.yml):
---
# defaults file for openssl
# You can provide a list of ssl keys/CSR/CRT/P12 to generate:
# openssl_items:
# - name: my_openssl_key
# common_name: my.example.com
# You can change the directories for storing keys, CSR, CRT, P12, and PKCS12.
# The default locations are set in `vars/main.yml`.
# Directory for sensitive items. (key, p12, and pkcs12)
openssl_key_directory: "{{ _openssl_key_directory[ansible_os_family] | default(_openssl_key_directory['default']) }}"
# Directory for public, temporary items. (CSR)
openssl_csr_directory: "{{ _openssl_csr_directory[ansible_os_family] | default(_openssl_csr_directory['default']) }}"
# Directory for public, permanent items. (CRT)
openssl_crt_directory: "{{ _openssl_crt_directory[ansible_os_family] | default(_openssl_crt_directory['default']) }}"
# You can set the owner and group for files created by this role.
openssl_file_owner: root
openssl_file_group: root
Requirements
You need the pip packages listed in requirements.txt.
State of Used Roles
Several roles are used to set up the system. You can prepare your system differently.
| Requirement | GitHub | GitLab |
|---|---|---|
| robertdebock.bootstrap |  |
 |
| robertdebock.buildtools |  |
 |
| robertdebock.epel |  |
 |
| robertdebock.python_pip |  |
 |
Context
This role is part of multiple compatible roles. Check out the documentation for more information.
Here’s a visual of related roles:
Compatibility
This role has been tested on the following Docker container images:
| Container | Tags |
|---|---|
| Alpine | all |
| EL | 9 |
| Debian | all |
| Fedora | all |
| Ubuntu | all |
The minimum Ansible version required is 2.12. Tests have been conducted on:
- Previous version
- Current version
- Development version
If you encounter issues, please report them on GitHub.
License
Author Information
Created by robertdebock
Consider sponsoring me.
ansible-galaxy install robertdebock.openssl