Commit | Line | Data |
---|---|---|
83d6ed6c KS |
1 | --- |
2 | - name: Deploy internal certificate | |
3 | ansible.builtin.copy: | |
4 | dest: /etc/ssl/certs/internal.efficios.com.pem | |
5 | mode: '0644' | |
6 | owner: 'root' | |
7 | group: 'root' | |
8 | src: 'internal.efficios.com.pem' | |
458824b8 | 9 | register: cert |
83d6ed6c KS |
10 | - name: Deploy internal certificate key |
11 | ansible.builtin.copy: | |
12 | dest: /etc/ssl/private/internal.efficios.com.key | |
13 | mode: '0640' | |
14 | owner: 'root' | |
15 | group: 'root' | |
16 | content: "{{lookup('community.general.bitwarden', 'TLS Certificate internal.efficios.com', collection_id='35c5d8b1-2520-4450-a479-aef50131b930')[0]['notes'] }}" | |
458824b8 KS |
17 | register: key |
18 | - name: Deploy combined cert+key | |
19 | # haproxy uses a combined certificate and key file | |
20 | when: cert.changed or key.changed | |
21 | ansible.builtin.shell: | |
22 | cmd: 'cat /etc/ssl/certs/internal.efficios.com.pem /etc/ssl/private/internal.efficios.com.key > /etc/ssl/private/internal.efficios.com.pem' |