ansible-seaweed/roles/seaweed/tasks/generate_cert.yaml
2025-05-26 23:03:10 -04:00


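# Creates the RSA private key for {{ domain }} under seaweed_cert_dir.
# `creates` makes the task idempotent: an existing key is never regenerated.
#
# The command is passed as an argv list rather than a free-form string, so
# a seaweed_cert_dir or domain value containing whitespace cannot be split
# into extra openssl arguments after templating.
#
# NOTE(review): the key file's mode at creation time is decided by openssl
# and the process umask, not by this task; ownership and mode are only set
# by a later task in this file. Confirm the key is not readable by other
# users in between.
# NOTE(review): 2048-bit RSA is the minimum commonly accepted size; consider
# a larger key given the long validity the certificate is issued with.
- name: Generate private key for {{ domain }}
  command:
    argv:
      - openssl
      - genrsa
      - -out
      - "{{ seaweed_cert_dir }}/{{ domain }}.key"
      - "2048"
    creates: "{{ seaweed_cert_dir }}/{{ domain }}.key"
  register: gen_key_result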
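# Builds a certificate signing request for {{ domain }} from the private key
# in seaweed_cert_dir. Skipped when the .csr file already exists.
#
# The command is passed as an argv list rather than a free-form string, so
# templated values containing whitespace or quotes stay inside a single
# argument (this matters most for -subj, which embeds {{ domain }}).
#
# NOTE(review): the subject carries only a CN and no subjectAltName is
# requested. TLS clients that ignore the CN for hostname checks (for example
# Go's crypto/x509 since 1.15) will not accept the resulting certificate for
# {{ domain }}; confirm how the certificate is verified by its consumers.
- name: Generate CSR for {{ domain }}
  command:
    argv:
      - openssl
      - req
      - -new
      - -key
      - "{{ seaweed_cert_dir }}/{{ domain }}.key"
      - -out
      - "{{ seaweed_cert_dir }}/{{ domain }}.csr"
      - -subj
      - "/CN={{ domain }}"
    creates: "{{ seaweed_cert_dir }}/{{ domain }}.csr"
  register: gen_csr_result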
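# Signs the CSR with the CA given by seaweed_ca_cert / seaweed_ca_key and
# writes the certificate to seaweed_cert_dir. Skipped when the .crt exists.
#
# The command is passed as an argv list rather than a free-form string, so
# templated paths containing whitespace cannot be split into extra openssl
# arguments.
#
# -CAcreateserial makes openssl create the CA serial-number file if it does
# not exist yet, so the location of the CA certificate must be writable.
#
# NOTE(review): this runs on the managed host, so the CA private key has to
# be readable there. Confirm that is intended; every host holding the CA key
# can issue certificates trusted by the whole cluster.
# NOTE(review): -days 3650 issues a ten-year certificate and `creates` means
# it is never reissued by this role; plan rotation separately.
# NOTE(review): no extensions file is passed, so no subjectAltName ends up
# in the certificate; see whether consumers require one.
- name: Generate certificate signed by CA for {{ domain }}
  command:
    argv:
      - openssl
      - x509
      - -req
      - -in
      - "{{ seaweed_cert_dir }}/{{ domain }}.csr"
      - -CA
      - "{{ seaweed_ca_cert }}"
      - -CAkey
      - "{{ seaweed_ca_key }}"
      - -CAcreateserial
      - -out
      - "{{ seaweed_cert_dir }}/{{ domain }}.crt"
      - -days
      - "3650"
      - -sha256
    creates: "{{ seaweed_cert_dir }}/{{ domain }}.crt"
  register: gen_crt_result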
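# Sets owner, group and mode on the generated certificate, CSR and key.
#
# The certificate and CSR are public material and stay world-readable
# (equivalent to 0644). The private key is restricted to its owner
# (equivalent to 0600): the previous single mode of 0644 for all three files
# left the private key readable by every local user.
#
# Symbolic modes are used so the per-item value is not subject to octal /
# integer conversion when it passes through templating.
#
# `recurse` was dropped: it only applies to directories and every path
# here is a regular file.
- name: Set certificate permissions
  file:
    path: "{{ item.path }}"
    owner: "{{ seaweed_user }}"
    group: "{{ seaweed_group }}"
    mode: "{{ item.mode }}"
  loop:
    - path: "{{ seaweed_cert_dir }}/{{ domain }}.crt"
      mode: "u=rw,go=r"
    - path: "{{ seaweed_cert_dir }}/{{ domain }}.csr"
      mode: "u=rw,go=r"
    # Private key: owner read/write only.
    - path: "{{ seaweed_cert_dir }}/{{ domain }}.key"
      mode: "u=rw,go="
  loop_control:
    label: "{{ item.path }}"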