diff --git a/meta/main.yml b/meta/main.yml index 823859b..1e3a3fc 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,3 +1,4 @@ +# Standards: 0.1 --- galaxy_info: author: xoxys @@ -5,9 +6,9 @@ galaxy_info: license: MIT min_ansible_version: 2.4 platforms: - - name: EL - versions: - - 7 + - name: EL + versions: + - 7 galaxy_tags: - univention - ucs diff --git a/tasks/tls.yml b/tasks/tls.yml index e1eeaa4..d37c5da 100644 --- a/tasks/tls.yml +++ b/tasks/tls.yml @@ -1,64 +1,64 @@ --- - block: - - name: Create tls folder structure - file: - path: "{{ item }}" - state: directory - mode: 700 - with_items: - - "{{ ucs_tls_certs_dir }}" - - "{{ ucs_tls_key_dir }}" + - name: Create tls folder structure + file: + path: "{{ item }}" + state: directory + mode: 700 + with_items: + - "{{ ucs_tls_certs_dir }}" + - "{{ ucs_tls_key_dir }}" - - name: Copy certs and private key - copy: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{item.mode }}" - with_items: - - { src: "{{ ucs_tls_cert_path }}", dest: "{{ ucs_tls_certs_dir }}/ucs.pem", mode: '0600' } - - { src: "{{ ucs_tls_key_path }}", dest: "{{ ucs_tls_key_dir }}/ucs.pem", mode: '0750' } - loop_control: - label: "{{ item.dest }}" - notify: - - __ucs_apache_restart - - __ucs_dovecot_restart - - __ucs_postfix_restart + - name: Copy certs and private key + copy: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + mode: "{{item.mode }}" + with_items: + - { src: "{{ ucs_tls_cert_path }}", dest: "{{ ucs_tls_certs_dir }}/ucs.pem", mode: '0600' } + - { src: "{{ ucs_tls_key_path }}", dest: "{{ ucs_tls_key_dir }}/ucs.pem", mode: '0750' } + loop_control: + label: "{{ item.dest }}" + notify: + - __ucs_apache_restart + - __ucs_dovecot_restart + - __ucs_postfix_restart - - name: Set apache2 ucr vars - ucr: - path: "{{ item.path }}" - value: "{{ item.value }}" - with_items: - - { path: apache2/ssl/certificate, value: "{{ ucs_tls_certs_dir }}/ucs.pem" } - - { path: apache2/ssl/key, value: "{{ ucs_tls_key_dir }}/ucs.pem" } - loop_control: - label: "variable: {{ item.path }}={{ item.value }}" - notify: __ucs_apache_restart - when: ucs_custom_tls_apache2_enabled + - name: Set apache2 ucr vars + ucr: + path: "{{ item.path }}" + value: "{{ item.value }}" + with_items: + - { path: apache2/ssl/certificate, value: "{{ ucs_tls_certs_dir }}/ucs.pem" } + - { path: apache2/ssl/key, value: "{{ ucs_tls_key_dir }}/ucs.pem" } + loop_control: + label: "variable: {{ item.path }} = {{ item.value }}" + notify: __ucs_apache_restart + when: ucs_custom_tls_apache2_enabled - - name: Set dovecot ucr vars - ucr: - path: "{{ item.path }}" - value: "{{ item.value }}" - with_items: - - { path: mail/dovecot/ssl/certificate, value: "{{ ucs_tls_certs_dir }}/ucs.pem" } - - { path: mail/dovecot/ssl/key, value: "{{ ucs_tls_key_dir }}/ucs.pem" } - loop_control: - label: "variable: {{ item.path }}={{ item.value }}" - notify: __ucs_dovecot_restart - when: ucs_custom_tls_dovecot_enabled + - name: Set dovecot ucr vars + ucr: + path: "{{ item.path }}" + value: "{{ item.value }}" + with_items: + - { path: mail/dovecot/ssl/certificate, value: "{{ ucs_tls_certs_dir }}/ucs.pem" } + - { path: mail/dovecot/ssl/key, value: "{{ ucs_tls_key_dir }}/ucs.pem" } + loop_control: + label: "variable: {{ item.path }} = {{ item.value }}" + notify: __ucs_dovecot_restart + when: ucs_custom_tls_dovecot_enabled - - name: Set postfix ucr vars - ucr: - path: "{{ item.path }}" - value: "{{ item.value }}" - with_items: - - { path: mail/postfix/ssl/certificate, value: "{{ ucs_tls_certs_dir }}/ucs.pem" } - - { path: mail/postfix/ssl/key, value: "{{ ucs_tls_key_dir }}/ucs.pem" } - loop_control: - label: "variable: {{ item.path }}={{ item.value }}" - notify: __ucs_postfix_restart - when: ucs_custom_tls_postfix_enabled + - name: Set postfix ucr vars + ucr: + path: "{{ item.path }}" + value: "{{ item.value }}" + with_items: + - { path: mail/postfix/ssl/certificate, value: "{{ ucs_tls_certs_dir }}/ucs.pem" } + - { path: mail/postfix/ssl/key, value: "{{ ucs_tls_key_dir }}/ucs.pem" } + loop_control: + label: "variable: {{ item.path }} = {{ item.value }}" + notify: __ucs_postfix_restart + when: ucs_custom_tls_postfix_enabled become: True become_user: root when: ucs_custom_tls_enabled