freeradius: create the DH file even when the certificate is not managed by letsencrypt.

This commit is contained in:
Andrea Dell'Amico 2019-10-30 13:43:47 +01:00
parent dc0cb3b15e
commit f4904153b4
1 changed files with 6 additions and 3 deletions

View File

@ -36,14 +36,17 @@
- name: Create the freeradius pki directory if it does not yet exist - name: Create the freeradius pki directory if it does not yet exist
file: dest={{ freeradius_pki_directory }} state=directory owner=root group=freerad mode=0550 file: dest={{ freeradius_pki_directory }} state=directory owner=root group=freerad mode=0550
- name: Setup the freeradius private key if it is not in place already
copy: remote_src=yes src={{ letsencrypt_acme_certs_dir }}/privkey dest={{ freeradius_pki_directory }} owner=root group=freerad mode=0440
- name: Create the DH file - name: Create the DH file
command: openssl dhparam -out {{ freeradius_pki_directory }}/dh 2048 command: openssl dhparam -out {{ freeradius_pki_directory }}/dh 2048
args: args:
creates: '{{ freeradius_pki_directory }}/dh' creates: '{{ freeradius_pki_directory }}/dh'
tags: [ 'freeradius', 'freeradius_cert' ]
- block:
- name: Setup the freeradius private key if it is not in place already
copy: remote_src=yes src={{ letsencrypt_acme_certs_dir }}/privkey dest={{ freeradius_pki_directory }} owner=root group=freerad mode=0440
- name: Create the acme hooks directory if it does not yet exist - name: Create the acme hooks directory if it does not yet exist
file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root