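---
# Installs a custom TLS certificate and private key, then points the apache2
# (including SAML), dovecot and postfix UCR variables at the installed files.
# The whole block runs as root and only when ucs_custom_tls_enabled is truthy;
# each service is additionally gated by its own ucs_custom_tls_*_enabled flag.
# NOTE(review): `ucr` is not a builtin Ansible module; presumably it is
# provided by this role or collection. Confirm.
- block:
    - name: Create tls folder structure
      file:
        path: "{{ item }}"
        state: directory
        # Quoted so the mode is always read as an octal string, never as a
        # number that depends on the YAML parser's integer rules.
        mode: '0700'
      loop:
        - "{{ ucs_tls_certs_dir }}"
        - "{{ ucs_tls_key_dir }}"

    - name: Copy certs and private key
      copy:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        mode: "{{ item.mode }}"
      # Keep certificate and key contents out of --diff output and out of
      # anything that records it (CI logs, callback plugins).
      diff: false
      loop:
        - src: "{{ ucs_tls_cert_path }}"
          dest: "{{ ucs_tls_certs_dir }}/ucs.pem"
          mode: '0600'
        # Private key: owner read/write only. A key file needs neither group
        # access nor execute bits. If a non-root service account must read it,
        # set owner/group explicitly rather than widening the mode.
        - src: "{{ ucs_tls_key_path }}"
          dest: "{{ ucs_tls_key_dir }}/ucs.pem"
          mode: '0600'
      loop_control:
        # Show only the destination path per item, not the whole item dict.
        label: "{{ item.dest }}"
      # All three restart handlers are notified whenever either file changes,
      # independent of the per-service *_enabled flags below.
      notify:
        - __ucs_apache_restart
        - __ucs_dovecot_restart
        - __ucs_postfix_restart

    - name: Set apache2 ucr vars
      ucr:
        path: "{{ item.path }}"
        value: "{{ item.value }}"
      loop:
        - path: apache2/ssl/certificate
          value: "{{ ucs_tls_certs_dir }}/ucs.pem"
        - path: apache2/ssl/key
          value: "{{ ucs_tls_key_dir }}/ucs.pem"
        - path: saml/apache2/ssl/certificate
          value: "{{ ucs_tls_certs_dir }}/ucs.pem"
        - path: saml/apache2/ssl/key
          value: "{{ ucs_tls_key_dir }}/ucs.pem"
      loop_control:
        label: "variable: {{ item.path }}={{ item.value }}"
      notify: __ucs_apache_restart
      when: ucs_custom_tls_apache2_enabled

    - name: Set dovecot ucr vars
      ucr:
        path: "{{ item.path }}"
        value: "{{ item.value }}"
      loop:
        - path: mail/dovecot/ssl/certificate
          value: "{{ ucs_tls_certs_dir }}/ucs.pem"
        - path: mail/dovecot/ssl/key
          value: "{{ ucs_tls_key_dir }}/ucs.pem"
      loop_control:
        label: "variable: {{ item.path }}={{ item.value }}"
      notify: __ucs_dovecot_restart
      when: ucs_custom_tls_dovecot_enabled

    - name: Set postfix ucr vars
      ucr:
        path: "{{ item.path }}"
        value: "{{ item.value }}"
      loop:
        - path: mail/postfix/ssl/certificate
          value: "{{ ucs_tls_certs_dir }}/ucs.pem"
        - path: mail/postfix/ssl/key
          value: "{{ ucs_tls_key_dir }}/ucs.pem"
      loop_control:
        label: "variable: {{ item.path }}={{ item.value }}"
      notify: __ucs_postfix_restart
      when: ucs_custom_tls_postfix_enabled
  # Block-level keywords: these apply to every task above.
  become: true
  become_user: root
  when: ucs_custom_tls_enabled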