293:6635f14613ba
Anton Shestakov <av6@dwimlabs.net>, Wed, 01 Nov 2017 00:50:57 +0800
Makefile: use file targets more, results in incremental building Less work to do when only some files get changed, but more work when building from scratch. But, multiple compilers can run in parallel.

previous change 211:4b03f725cb69

contrib/provision/roles/certs/tasks/main.yml

Permissions: -rw-r--r--

Other formats: Feeds:
---
- name: Install packages
apt:
pkg: '{{ item }}'
state: present
with_items:
- openssl
- ssl-cert
- name: Make sure {{ path }} exists
file:
path: '{{ path }}'
state: directory
owner: root
group: ssl-cert
mode: 0710
- name: Make sure domain directories exist
file:
path: '{{ path }}/{{ item }}'
state: directory
owner: root
group: ssl-cert
mode: 0710
with_items: '{{ selfsigned }}'
- name: Generate private keys
command: >
openssl genrsa
-out '{{ path }}/{{ item }}/clean.key'
2048
args:
creates: '{{ path }}/{{ item }}/clean.key'
with_items: '{{ selfsigned }}'
- name: Set permissions for private keys
file:
path: '{{ path }}/{{ item }}/clean.key'
state: file
owner: root
group: ssl-cert
mode: 0640
with_items: '{{ selfsigned }}'
- name: Generate self-signed certificates
command: >
openssl req
-new
-x509
-subj '/CN={{ item }}'
-extensions v3_ca
-days 3650
-key '{{ path }}/{{ item }}/clean.key'
-out '{{ path }}/{{ item }}/selfsigned.pem'
args:
creates: '{{ path }}/{{ item }}/selfsigned.pem'
with_items: '{{ selfsigned }}'
- name: Set permissions for self-signed certificates
file:
path: '{{ path }}/{{ item }}/selfsigned.pem'
state: file
owner: root
group: ssl-cert
mode: 0640
with_items: '{{ selfsigned }}'
...