tpiccioli
/
ansible-roles
forked from ISTI-ansible-roles/ansible-roles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

freeradius: create the DH file even when the certificate is not managed by letsencrypt.

This commit is contained in:
Andrea Dell'Amico 2019-10-30 13:43:47 +01:00
parent dc0cb3b15e
commit f4904153b4
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
library/roles/freeradius/tasks/main.yml
View File

@ -36,14 +36,17 @@
- name: Create the freeradius pki directory if it does not yet exist
file: dest={{ freeradius_pki_directory }} state=directory owner=root group=freerad mode=0550
- name: Setup the freeradius private key if it is not in place already
copy: remote_src=yes src={{ letsencrypt_acme_certs_dir }}/privkey dest={{ freeradius_pki_directory }} owner=root group=freerad mode=0440
- name: Create the DH file
command: openssl dhparam -out {{ freeradius_pki_directory }}/dh 2048
args:
creates: '{{ freeradius_pki_directory }}/dh'
tags: [ 'freeradius', 'freeradius_cert' ]
- block:
- name: Setup the freeradius private key if it is not in place already
copy: remote_src=yes src={{ letsencrypt_acme_certs_dir }}/privkey dest={{ freeradius_pki_directory }} owner=root group=freerad mode=0440
- name: Create the acme hooks directory if it does not yet exist
file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root