refactor tls path handling

2018-10-16 23:11:31 +02:00 · 2018-10-16 23:11:31 +02:00 · f607529f5c
commit f607529f5c
parent 1192e6de7d
3 changed files with 6 additions and 6 deletions
--- a/tasks/tls.yml
+++ b/tasks/tls.yml
@ -8,8 +8,8 @@
      group: "{{ openhab_group }}"
      recurse: True
    with_items:
-      - "{{ __postgres_tls_key_path }}"
+      - "{{ __postgres_tls_key_path | dirname }}"
-      - "{{ __postgres_tls_cert_path }}"
+      - "{{ __postgres_tls_cert_path | dirname }}"
  become: True
  become_user: root
--- a/templates/postgresql/data/postgresql.conf.j2
+++ b/templates/postgresql/data/postgresql.conf.j2
@ -50,8 +50,8 @@ ssl = off
 #ssl_prefer_server_ciphers = on
 #ssl_ecdh_curve = 'prime256v1'
 #ssl_dh_params_file = ''
-ssl_cert_file = '{{ __postgres_tls_path }}/certs/{{ postgres_tls_cert_filename }}'
+ssl_cert_file = '{{ __postgres_tls_cert_path }}'
-ssl_key_file = '{{ __postgres_tls_path }}/key/{{ postgres_tls_key_filename }}'
+ssl_key_file = '{{ __postgres_tls_key_path }}'
 #ssl_ca_file = ''
 #ssl_crl_file = ''
 {% endif %}
--- a/vars/main.yml
+++ b/vars/main.yml
@ -8,5 +8,5 @@ __postgres_packages:
  - "{{ __postgres_packagename }}-server"
 __postgres_data_dir: "/var/lib/pgsql/{{ __postgres_version }}/data"
 __postgres_config_path: "{{ __postgres_data_dir }}"
-__postgres_tls_key_path: "{{ __postgres_data_dir }}/tls/key"
+__postgres_tls_key_path: "{{ __postgres_data_dir }}/tls/key/{{ postgres_tls_key_filename }}"
-__postgres_tls_cert_path: "{{ __postgres_data_dir }}/tls/key"
+__postgres_tls_cert_path: "{{ __postgres_data_dir }}/tls/certs/{{ postgres_tls_cert_filename }}"