fix: add back custom tls registry settings

Robert Kaussow 2024-09-29 13:58:58 +02:00
parent 455ef780e9
commit e7214c5c59
Signed by: xoxys
GPG Key ID: 4E692A2EAECC03C0
2 changed files with 58 additions and 0 deletions


@ -1,4 +1,11 @@
---
ucs_custom_tls_enabled: False
ucs_custom_tls_apache2_enabled: True
ucs_custom_tls_dovecot_enabled: False
ucs_custom_tls_postfix_enabled: True
ucs_custom_tls_cert_path: /etc/pki/tls/certs/mycert.pem
ucs_custom_tls_key_path: /etc/pki/tls/private/mykey.pem
ucs_filesystem_acl: []
# @var ucs_filesystem_acl:example: >
# ucs_filesystem_acl:
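Review bot: The new `ucs_custom_tls_*` defaults have no `# @var` annotation, while `ucs_filesystem_acl` directly below them has one, so a reader cannot tell that `ucs_custom_tls_cert_path` and `ucs_custom_tls_key_path` must already exist on the target host. As far as the visible tasks show, the role only points the services at these paths and does not deploy the files or set their permissions. I would add a description for each, for example `# @var ucs_custom_tls_key_path:description: Path to an existing private key on the host; the role does not deploy it or manage its permissions.` The booleans are also written `False`/`True`; lowercase `false`/`true` is the canonical YAML form.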


@ -5,6 +5,8 @@
value: "{{ item.value }}"
state: "{{ item.state | default('present') }}"
loop: "{{ __usc_registry_settings + ucs_registry_extra }}"
loop_control:
label: "{{ item.path }}={{ item.value }}"
- name: Create system groups
community.general.udm_group:
@ -45,3 +47,52 @@
loop: "{{ ucs_cronjobs }}"
loop_control:
label: "{{ item.name }}"
- name: Configure custom TLS certificates
when: ucs_custom_tls_enabled | bool
block:
- name: Set apache2 ucr vars
xoxys.general.ucr:
path: "{{ item.path }}"
value: "{{ item.value }}"
loop:
- path: apache2/ssl/certificate
value: "{{ ucs_custom_tls_cert_path }}"
- path: apache2/ssl/key
value: "{{ ucs_custom_tls_key_path }}"
- path: saml/apache2/ssl/certificate
value: "{{ ucs_custom_tls_cert_path }}"
- path: saml/apache2/ssl/key
value: "{{ ucs_custom_tls_key_path }}"
loop_control:
label: "{{ item.path }}={{ item.value }}"
notify: __ucs_apache_restart
when: ucs_custom_tls_apache2_enabled
- name: Set dovecot ucr vars
xoxys.general.ucr:
path: "{{ item.path }}"
value: "{{ item.value }}"
loop:
- path: mail/dovecot/ssl/certificate,
value: "{{ ucs_custom_tls_cert_path }}"
- path: mail/dovecot/ssl/key
value: "{{ ucs_custom_tls_key_path }}"
loop_control:
label: "{{ item.path }}={{ item.value }}"
notify: __ucs_dovecot_restart
when: ucs_custom_tls_dovecot_enabled
- name: Set postfix ucr vars
xoxys.general.ucr:
path: "{{ item.path }}"
value: "{{ item.value }}"
loop:
- path: mail/postfix/ssl/certificate
value: "{{ ucs_custom_tls_cert_path }}"
- path: mail/postfix/ssl/key
value: "{{ ucs_custom_tls_key_path }}"
loop_control:
label: "{{ item.path }}={{ item.value }}"
notify: __ucs_postfix_restart
when: ucs_custom_tls_postfix_enabled
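Review bot: The first item of the dovecot loop has a stray trailing comma inside the scalar, `- path: mail/dovecot/ssl/certificate,`, so the task would address a registry key literally named `mail/dovecot/ssl/certificate,` rather than the intended one. With `ucs_custom_tls_dovecot_enabled` set, the key variable would switch to the custom key while the certificate variable presumably keeps its old value. Dovecot would then be restarted with a mismatched certificate/key pair. Drop the comma: `- path: mail/dovecot/ssl/certificate`. The three inner conditions also omit the `| bool` filter used on the enclosing block, so a string value such as "false" may not be evaluated as intended; `when: ucs_custom_tls_dovecot_enabled | bool` would be consistent.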