Files
@ 4b5ca3dcf102
Branch filter:
Location: majic-ansible-roles/testsite/playbooks/tls.yml - annotation
4b5ca3dcf102
2.2 KiB
text/x-yaml
MAR-197: Implement environment indicator for the web_server role:
- Now the environment indicator will also cover the default landing
page for the web server.
- Tweaked the landing page to look a bit better in terms of
margins (particularly important for the environment indicator).
- Now the environment indicator will also cover the default landing
page for the web server.
- Tweaked the landing page to look a bit better in terms of
margins (particularly important for the environment indicator).
70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 2b3af82bc50e 2b3af82bc50e 2b3af82bc50e 70733167cdf8 70733167cdf8 70733167cdf8 2ded0cbae449 2ded0cbae449 70733167cdf8 70733167cdf8 70733167cdf8 a668b3669853 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 a668b3669853 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 70733167cdf8 a668b3669853 70733167cdf8 a668b3669853 | ---
- hosts: preseed
vars:
host_tls_info:
- hostname: ldap
service: ldap
name: LDAP
- hostname: mail
service: imap
name: IMAP
- hostname: mail
service: smtp
name: SMTP
- hostname: phpinfo
service: https
name: PHP Info
- hostname: web
service: https
name: Web
- hostname: wsgi
service: https
name: WSGI Hello World
- hostname: wsgireq
service: https
name: WSGI Hello World
- hostname: xmpp
service: xmpp
name: XMPP
extra_dns_names:
- "{{ testsite_domain }}"
tasks:
- name: Create GnuTLS certificate templates for all hosts
template: src="../tls/gnutls_server_certificate.cfg.j2" dest="../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.cfg"
with_items: "{{ host_tls_info }}"
- name: Create the CA key
command: certtool --sec-param high --generate-privkey --outfile ../tls/ca.key
args:
creates: ../tls/ca.key
- name: Create the CA certificate
command: certtool --template ../tls/ca.cfg --generate-self-signed --load-privkey ../tls/ca.key --outfile ../tls/ca.pem
args:
creates: ../tls/ca.pem
- name: Create private keys for all hosts
command: certtool --sec-param normal --generate-privkey --outfile "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key"
with_items: "{{ host_tls_info }}"
args:
creates: "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key"
- name: Issue certificates for all hosts
shell: sleep 1 && certtool --generate-certificate
--load-ca-privkey "../tls/ca.key" --load-ca-certificate "../tls/ca.pem"
--template "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.cfg"
--load-privkey "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key"
--outfile "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.pem"
with_items: "{{ host_tls_info }}"
args:
creates: "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.pem"
|