library/roles/oracle-jdk/tasks/main.yml: Add the letsencrypt CA certificate to the keystore.

This commit is contained in:
Andrea Dell'Amico 2016-09-22 17:35:14 +02:00
parent 0eaa4195aa
commit f2d4a0d199
1 changed files with 44 additions and 43 deletions

View File

@ -1,53 +1,54 @@
--- ---
- name: setup the Oracle JDK repository on ubuntu - block:
apt_repository: repo='{{ jdk_ubuntu_ppa }}' state=present - name: setup the Oracle JDK repository on ubuntu
apt_repository: repo='{{ jdk_ubuntu_ppa }}' state=present update_cache=yes
when: is_ubuntu when: is_ubuntu
tags: [ 'oracle_jdk', 'jdk' ]
- name: Install the Oracle JDK repository pgp key on debian - name: Install the Oracle JDK repository pgp key on debian
apt_key: keyserver=keyserver.ubuntu.com id={{ jdk_ppa_key }} apt_key: keyserver=keyserver.ubuntu.com id={{ jdk_ppa_key }}
when: is_debian when: is_debian
tags: [ 'oracle_jdk', 'jdk' ]
- name: setup the Oracle JDK repository on debian - name: setup the Oracle JDK repository on debian
apt_repository: repo='{{ jdk_ppa_repo }}' state=present apt_repository: repo='{{ jdk_ppa_repo }}' state=present update_cache=yes
when: is_debian when: is_debian
tags: [ 'oracle_jdk', 'jdk' ]
- name: Accept the Oracle Java license - name: Accept the Oracle Java license
debconf: name='oracle-java{{ item }}-installer' question='shared/accepted-oracle-license-v1-1' value='true' vtype='select' debconf: name='oracle-java{{ item }}-installer' question='shared/accepted-oracle-license-v1-1' value='true' vtype='select'
with_items: '{{ jdk_version }}' with_items: '{{ jdk_version }}'
tags: [ 'oracle_jdk', 'jdk' ]
- name: Install the latest version of Oracle JDK - name: Install the latest version of Oracle JDK
apt: pkg={{ item }} state={{ jdk_pkg_state }} force=yes update_cache=yes apt: pkg={{ item }} state={{ jdk_pkg_state }} force=yes update_cache=yes cache_valid_time=1800
when: not jdk_use_tarfile when: not jdk_use_tarfile
register: jdk_install
with_items: '{{ oracle_jdk_packages }}' with_items: '{{ oracle_jdk_packages }}'
tags: [ 'oracle_jdk', 'jdk' ]
- name: Install the extended security JCE Oracle JDK package - name: Install the extended security JCE Oracle JDK package
apt: pkg=oracle-java{{ item }}-unlimited-jce-policy state={{ jdk_pkg_state }} force=yes apt: pkg=oracle-java{{ item }}-unlimited-jce-policy state={{ jdk_pkg_state }} force=yes update_cache=yes cache_valid_time=1800
with_items: '{{ jdk_version }}' with_items: '{{ jdk_version }}'
when: when:
- not jdk_use_tarfile - not jdk_use_tarfile
- jdk_install_strong_encryption_policy - jdk_install_strong_encryption_policy
tags: [ 'oracle_jdk', 'jdk' ]
- name: Set the JDK default via update-alternatives - name: Set the JDK default via update-alternatives
apt: pkg=oracle-java{{ item }}-set-default state={{ jdk_pkg_state }} force=yes apt: pkg=oracle-java{{ item }}-set-default state={{ jdk_pkg_state }} force=yes update_cache=yes cache_valid_time=1800
with_items: '{{ jdk_default }}' with_items: '{{ jdk_default }}'
when: when:
- not jdk_use_tarfile - not jdk_use_tarfile
- jdk_default is defined - jdk_default is defined
notify: Set the default Oracle JDK notify: Set the default Oracle JDK
tags: [ 'oracle_jdk', 'jdk' ]
- name: Install a custom version of Oracle JDK from a tar file - name: Install a custom version of Oracle JDK from a tar file
unarchive: src={{ jdk_tarfile }} dest={{ jdk_java_home_prefix }} unarchive: src={{ jdk_tarfile }} dest={{ jdk_java_home_prefix }}
when: '{{ jdk_use_tarfile }}' when: '{{ jdk_use_tarfile }}'
tags: [ 'oracle_jdk', 'jdk' ]
- name: Set fact jdk_installed - name: Set fact jdk_installed
set_fact: jdk_installed=True set_fact: jdk_installed=True
tags: [ 'oracle_jdk', 'jdk' ]
- name: Get the Letsencrypt cross signed X3 CA certificate
get_url: url='https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.der' dest=/srv/lets-encrypt-x3-cross-signed.der
- name: Change the default keyring. Insert the Letsencrypt X3 cross signed CA certificate
shell: keytool -trustcacerts -keystore {{ jdk_java_home }}/jre/lib/security/cacerts -storepass changeit -noprompt -importcert -alias lets-encrypt-x3-cross-signed -file /srv/lets-encrypt-x3-cross-signed.der
when: ( jdk_install | changed )
tags: [ 'oracle_jdk', 'jdk' ]