X-Git-Url: http://git.liburcu.org/?a=blobdiff_plain;f=automation%2Fansible%2Froles%2Fcommon%2Ftasks%2Fcerts.yml;h=eeb1bfa9657fb1fc44885afb2d00ad5206531bd0;hb=b519cea92eec9ed3de853764208a9f4454b7a726;hp=b306cb54bea14afc18a1a4329ec7b6e132320544;hpb=94ff4298157011a4e382f76791d66aa15466806c;p=lttng-ci.git

diff --git a/automation/ansible/roles/common/tasks/certs.yml b/automation/ansible/roles/common/tasks/certs.yml
index b306cb5..eeb1bfa 100644
--- a/automation/ansible/roles/common/tasks/certs.yml
+++ b/automation/ansible/roles/common/tasks/certs.yml
@@ -1,7 +1,7 @@
 ---
 - name: Deploy internal certificate
   ansible.builtin.copy:
-    dest: /etc/ssl/certs/internal.efficios.com.pem
+    dest: "{{common_certificate_cert_path_prefix}}/internal.efficios.com.pem"
     mode: '0644'
     owner: 'root'
     group: 'root'
@@ -9,7 +9,7 @@
   register: cert
 - name: Deploy internal certificate key
   ansible.builtin.copy:
-    dest: /etc/ssl/private/internal.efficios.com.key
+    dest: "{{common_certificate_key_path_prefix}}/internal.efficios.com.key"
     mode: '0640'
     owner: 'root'
     group: 'root'
@@ -17,6 +17,6 @@
   register: key
 - name: Deploy combined cert+key
   # haproxy uses a combined certificate and key file
-  when: cert.changed or key.changed
+  when: (cert.changed or key.changed) and common_certificate_deploy_combined_pem
   ansible.builtin.shell:
-    cmd: 'cat /etc/ssl/certs/internal.efficios.com.pem /etc/ssl/private/internal.efficios.com.key > /etc/ssl/private/internal.efficios.com.pem'
+    cmd: "cat {{common_certificate_cert_path_prefix}}/internal.efficios.com.pem {{common_certificate_key_path_prefix}}/internal.efficios.com.key > {{common_certificate_key_path_prefix}}/internal.efficios.com.pem"