293:6635f14613ba
Anton Shestakov <av6@dwimlabs.net>, Wed, 01 Nov 2017 00:50:57 +0800
Makefile: use file targets more, results in incremental building Less work to do when only some files get changed, but more work when building from scratch. But, multiple compilers can run in parallel.
previous change 211:4b03f725cb69

contrib/provision/roles/certs/tasks/main.yml

Permissions: -rw-r--r--

File Latest Revisions Annotate Diff Comparison
Other formats:
JSON Raw
Feeds:
Atom RSS 
---
- name: Install packages
  apt:
    pkg: '{{ item }}'
    state: present
  with_items:
    - openssl
    - ssl-cert
- name: Make sure {{ path }} exists
  file:
    path: '{{ path }}'
    state: directory
    owner: root
    group: ssl-cert
    mode: 0710
- name: Make sure domain directories exist
  file:
    path: '{{ path }}/{{ item }}'
    state: directory
    owner: root
    group: ssl-cert
    mode: 0710
  with_items: '{{ selfsigned }}'
- name: Generate private keys
  command: >
    openssl genrsa
    -out '{{ path }}/{{ item }}/clean.key'
    2048
  args:
    creates: '{{ path }}/{{ item }}/clean.key'
  with_items: '{{ selfsigned }}'
- name: Set permissions for private keys
  file:
    path: '{{ path }}/{{ item }}/clean.key'
    state: file
    owner: root
    group: ssl-cert
    mode: 0640
  with_items: '{{ selfsigned }}'
- name: Generate self-signed certificates
  command: >
    openssl req
    -new
    -x509
    -subj '/CN={{ item }}'
    -extensions v3_ca
    -days 3650
    -key '{{ path }}/{{ item }}/clean.key'
    -out '{{ path }}/{{ item }}/selfsigned.pem'
  args:
    creates: '{{ path }}/{{ item }}/selfsigned.pem'
  with_items: '{{ selfsigned }}'
- name: Set permissions for self-signed certificates
  file:
    path: '{{ path }}/{{ item }}/selfsigned.pem'
    state: file
    owner: root
    group: ssl-cert
    mode: 0640
  with_items: '{{ selfsigned }}'
...