forked from ISTI-ansible-roles/ansible-roles
freeradius: create the DH file even when the certificate is not managed by letsencrypt.
This commit is contained in:
parent
dc0cb3b15e
commit
f4904153b4
|
@ -36,14 +36,17 @@
|
||||||
- name: Create the freeradius pki directory if it does not yet exist
|
- name: Create the freeradius pki directory if it does not yet exist
|
||||||
file: dest={{ freeradius_pki_directory }} state=directory owner=root group=freerad mode=0550
|
file: dest={{ freeradius_pki_directory }} state=directory owner=root group=freerad mode=0550
|
||||||
|
|
||||||
- name: Setup the freeradius private key if it is not in place already
|
|
||||||
copy: remote_src=yes src={{ letsencrypt_acme_certs_dir }}/privkey dest={{ freeradius_pki_directory }} owner=root group=freerad mode=0440
|
|
||||||
|
|
||||||
- name: Create the DH file
|
- name: Create the DH file
|
||||||
command: openssl dhparam -out {{ freeradius_pki_directory }}/dh 2048
|
command: openssl dhparam -out {{ freeradius_pki_directory }}/dh 2048
|
||||||
args:
|
args:
|
||||||
creates: '{{ freeradius_pki_directory }}/dh'
|
creates: '{{ freeradius_pki_directory }}/dh'
|
||||||
|
|
||||||
|
tags: [ 'freeradius', 'freeradius_cert' ]
|
||||||
|
|
||||||
|
- block:
|
||||||
|
- name: Setup the freeradius private key if it is not in place already
|
||||||
|
copy: remote_src=yes src={{ letsencrypt_acme_certs_dir }}/privkey dest={{ freeradius_pki_directory }} owner=root group=freerad mode=0440
|
||||||
|
|
||||||
- name: Create the acme hooks directory if it does not yet exist
|
- name: Create the acme hooks directory if it does not yet exist
|
||||||
file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root
|
file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue