Anton Shestakov <av6@dwimlabs.net>, Mon, 04 Apr 2016 20:32:07 +0800
provision: set root directory in server directive
contrib/provision/roles/certs/tasks/main.yml
Permissions: -rw-r--r--
apt: pkg={{ item }} state=present - name: Make sure {{ path }} exists file: path='{{ path }}' state=directory owner=root group=ssl-cert mode=0710 - name: Make sure domain directories exist file: path='{{ path }}/{{ item }}' state=directory owner=root group=ssl-cert mode=0710 with_items: '{{ selfsigned }}' - name: Generate private keys -out '{{ path }}/{{ item }}/clean.key' creates: '{{ path }}/{{ item }}/clean.key' with_items: '{{ selfsigned }}' - name: Set permissions for private keys file: path='{{ path }}/{{ item }}/clean.key' state=file owner=root group=ssl-cert mode=0640 with_items: '{{ selfsigned }}' - name: Generate self-signed certificates -key '{{ path }}/{{ item }}/clean.key' -out '{{ path }}/{{ item }}/selfsigned.pem' creates: '{{ path }}/{{ item }}/selfsigned.pem' with_items: '{{ selfsigned }}' - name: Set permissions for self-signed certificates file: path='{{ path }}/{{ item }}/selfsigned.pem' state=file owner=root group=ssl-cert mode=0640 with_items: '{{ selfsigned }}'