ISTI-ansible-roles
/
ansible-role-basic-system-setup
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Give a valid shell to the mkcert-ca user.

This commit is contained in:
Andrea Dell'Amico 2023-07-13 11:18:18 +02:00
parent de549df51a
commit 0e1955aeb7
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
tasks/certificate_from_private_ca.yml
View File

@ -3,10 +3,14 @@
tags: [pki, tls, tls_certificate] tags: [pki, tls, tls_certificate]
block: block:
- name: Create the certificate (delegate to the CA vm) - name: Create the certificate (delegate to the CA vm)
become: true
become_user: mkcert-ca become_user: mkcert-ca
become_method: su
become_flags: '-s /bin/bash'
ansible.builtin.command: ansible.builtin.command:
cmd: mkcert -cert-file {{ mkcert_cert_name }} -key-file {{ mkcert_key_name }} {{ mkcert_dsn_and_ip_list }} cmd: mkcert -cert-file {{ mkcert_cert_name }} -key-file {{ mkcert_key_name }} {{ mkcert_dsn_and_ip_list }}
args: args:
chdir: /srv/mkcert-ca
creates: "/srv/mkcert-ca/{{ mkcert_cert_name }}" creates: "/srv/mkcert-ca/{{ mkcert_cert_name }}"
delegate_to: "{{ mkcert_ca_host }}" delegate_to: "{{ mkcert_ca_host }}"
@ -14,7 +18,6 @@
tags: [pki, tls, tls_certificate] tags: [pki, tls, tls_certificate]
block: block:
- name: Get the certificate and its key from the CA server - name: Get the certificate and its key from the CA server
become_user: mkcert-ca
ansible.builtin.fetch: ansible.builtin.fetch:
src: "/srv/mkcert-ca/{{ item }}" src: "/srv/mkcert-ca/{{ item }}"
dest: "files/{{ item }}" dest: "files/{{ item }}"