From 0c9e2ce70a043b49c44b690a403056f56d011390 Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Tue, 14 Aug 2018 23:04:27 +0200 Subject: [PATCH] set tls path static --- defaults/main.yml | 6 ++---- tasks/tls.yml | 13 ++----------- 2 files changed, 4 insertions(+), 15 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 43ed4cc..2f6ead4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -48,10 +48,8 @@ nginx_open_ports: - 443 nginx_tls_enabled: False -nginx_tls_certs_dir: /etc/pki/tls/certs -nginx_tls_key_dir: /etc/pki/tls/private -nginx_tls_cert_file: "{{ nginx_tls_certs_dir }}/mycert.pem" -nginx_tls_key_file: "{{ nginx_tls_key_dir }}/mykey.pem" +nginx_tls_cert_file: "mycert.pem" +nginx_tls_key_file: "mykey.pem" nginx_tls_source_use_content: False nginx_tls_source_use_files: True nginx_tls_cert_source: mycert.pem diff --git a/tasks/tls.yml b/tasks/tls.yml index 372a0b8..812206c 100644 --- a/tasks/tls.yml +++ b/tasks/tls.yml @@ -1,21 +1,12 @@ - block: - - name: Create tls folder structure - file: - path: "{{ item }}" - state: directory - mode: 750 - with_items: - - "{{ nginx_tls_certs_dir }}" - - "{{ nginx_tls_key_dir }}" - - name: Copy certs and private key (content) copy: content: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" with_items: - - { src: "{{ nginx_tls_key_source }}", dest: '{{ nginx_tls_key_file }}', mode: '0600' } - - { src: "{{ nginx_tls_cert_source }}", dest: '{{ nginx_tls_cert_file }}', mode: '0750' } + - { src: "{{ nginx_tls_key_source }}", dest: '/etc/pki/tls/private/{{ nginx_tls_key_file }}', mode: '0600' } + - { src: "{{ nginx_tls_cert_source }}", dest: '/etc/pki/tls/certs/{{ nginx_tls_cert_file }}', mode: '0750' } loop_control: label: "{{ item.dest }}" notify: __nginx_reload