From f9ae90bbc45b3b0d4b4a988ac4ad9ae2fa35df8c Mon Sep 17 00:00:00 2001
From: Robert Kaussow
Date: Sat, 19 Jan 2019 02:19:57 +0100
Subject: [PATCH] add tls tasks
---
 tasks/main.yml | 3 +++
 tasks/tls.yml | 30 ++++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+)
 create mode 100644 tasks/tls.yml
diff --git a/tasks/main.yml b/tasks/main.yml
index be7aca6..8da81aa 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -3,6 +3,9 @@
 - import_tasks: storage.yml
 when: matrix_lvm_enabled
 - include_tasks: install.yml
+- import_tasks: tls.yml
+ when: matrix_tls_enabled
+ tags: tls_renewal
 - import_tasks: nginx.yml
 when: matrix_nginx_vhost_enabled
 - include_tasks: post_tasks.yml
diff --git a/tasks/tls.yml b/tasks/tls.yml
new file mode 100644
index 0000000..3f673c5
--- /dev/null
+++ b/tasks/tls.yml
@@ -0,0 +1,30 @@
+---
+- block:
+ - name: Create tls folder structure
+ file:
+ path: "{{ item }}"
+ state: directory
+ owner: "{{ matrix_user }}"
+ group: "{{ matrix_group }}"
+ recurse: True
+ with_items:
+ - "{{ matrix_tls_cert_path | dirname }}"
+ - "{{ matrix_tls_key_path | dirname }}"
+ become: True
+ become_user: root
+
+- block:
+ - name: Copy certs and private key
+ copy:
+ src: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ mode: "{{ item.mode }}"
+ with_items:
+ - { src: "{{ matrix_tls_key_source }}", dest: '{{ matrix_tls_key_path }}', mode: '0600' }
+ - { src: "{{ matrix_tls_cert_source }}", dest: '{{ matrix_tls_cert_path }}', mode: '0750' }
+ loop_control:
+ label: "{{ item.dest }}"
+ register: __matrix_certs_file
+ when: matrix_tls_source_use_files
+ become: True
+ become_user: "{{ matrix_user }}"
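Review bot: The new import in tasks/main.yml is gated by the bare variable `when: matrix_tls_enabled`, which is never cast to a boolean. If the value arrives as a string (for example from `-e matrix_tls_enabled=false` or an INI inventory), how it is evaluated depends on the Ansible version, so the TLS tasks may run or be skipped against the operator's intent. `when: matrix_tls_enabled | bool` makes the condition explicit, and the same applies to `when: matrix_tls_source_use_files` in tasks/tls.yml.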
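Review bot: In "Create tls folder structure", `recurse: True` combined with `owner`/`group` re-owns everything already inside the parent directories of `matrix_tls_cert_path` and `matrix_tls_key_path`. If either path sits in a shared location (the defaults are not visible in this patch), unrelated keys and certificates would be handed to the matrix user. I would drop `recurse: True` and give the directories an explicit `mode: '0750'`, since no mode is set and the key directory otherwise gets the umask default. In "Copy certs and private key" the certificate is written with `mode: '0750'`, which puts execute bits on a data file; `mode: '0644'` (or `'0640'`) fits a certificate better. That task also writes the private key, so consider `diff: no` or `no_log: True` on it so that a `--diff` run cannot print key material to the console or logs.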