2017-10-10 00:03:22 +02:00
|
|
|
---
|
|
|
|
- name: ssl-cert package is installed
|
|
|
|
apt:
|
|
|
|
name: ssl-cert
|
|
|
|
state: present
|
2018-12-05 14:59:19 +01:00
|
|
|
tags:
|
|
|
|
- evoadmin-mail
|
2017-10-10 00:03:22 +02:00
|
|
|
|
|
|
|
- name: Create private key and csr for default site ({{ ansible_fqdn }})
|
|
|
|
command: openssl req -newkey rsa:2048 -sha256 -nodes -keyout /etc/ssl/private/{{ evoadminmail_host }}.key -out /etc/ssl/{{ evoadminmail_host }}.csr -batch -subj "/CN={{ evoadminmail_host }}"
|
|
|
|
args:
|
|
|
|
creates: "/etc/ssl/private/{{ evoadminmail_host }}.key"
|
2018-12-05 14:59:19 +01:00
|
|
|
tags:
|
|
|
|
- evoadmin-mail
|
2017-10-10 00:03:22 +02:00
|
|
|
|
|
|
|
- name: Adjust rights on private key
|
|
|
|
file:
|
2018-12-05 14:59:19 +01:00
|
|
|
dest: /etc/ssl/private/{{ evoadminmail_host }}.key
|
2017-10-10 00:03:22 +02:00
|
|
|
owner: root
|
|
|
|
group: ssl-cert
|
|
|
|
mode: "0640"
|
2018-12-05 14:59:19 +01:00
|
|
|
tags:
|
|
|
|
- evoadmin-mail
|
2017-10-10 00:03:22 +02:00
|
|
|
|
|
|
|
- name: Create certificate for default site
|
|
|
|
command: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ evoadminmail_host }}.csr -signkey /etc/ssl/private/{{ evoadminmail_host }}.key -out /etc/ssl/certs/{{ evoadminmail_host }}.crt
|
|
|
|
args:
|
|
|
|
creates: "/etc/ssl/certs/{{ evoadminmail_host }}.crt"
|
2018-12-05 14:59:19 +01:00
|
|
|
tags:
|
|
|
|
- evoadmin-mail
|