39 lines
1.1 KiB
YAML
39 lines
1.1 KiB
YAML
- name: install SSL packages
|
|
apt:
|
|
name:
|
|
- python3-openssl
|
|
- python3-crypto
|
|
- python3-cryptography
|
|
- python-openssl
|
|
- python-crypto
|
|
- python-cryptography
|
|
state: present
|
|
|
|
- name: create ssl directory
|
|
file:
|
|
path: "/etc/ssl/{{ app_name }}"
|
|
state: directory
|
|
owner: "{{ app_user }}"
|
|
group: "{{ app_user }}"
|
|
mode: 0750
|
|
|
|
- name: generate an OpenSSL private key with the default values (4096 bits, RSA)
|
|
become_user: "{{ app_user }}"
|
|
openssl_privatekey:
|
|
path: "/etc/ssl/{{ app_name }}/local.pem"
|
|
|
|
- name: generate an OpenSSL certificate signing request
|
|
become_user: "{{ app_user }}"
|
|
openssl_csr:
|
|
path: "/etc/ssl/{{ app_name }}/local.csr"
|
|
privatekey_path: "/etc/ssl/{{ app_name }}/local.pem"
|
|
common_name: fudiggity.nl
|
|
|
|
- name: generate a self signed OpenSSL certificate
|
|
become_user: "{{ app_user }}"
|
|
openssl_certificate:
|
|
force: yes
|
|
path: "/etc/ssl/{{ app_name }}/{{ app_name }}.crt"
|
|
privatekey_path: "/etc/ssl/{{ app_name }}/local.pem"
|
|
csr_path: "/etc/ssl/{{ app_name }}/local.csr"
|
|
provider: selfsigned
|