2018-11-06 16:15:42 +01:00
|
|
|
---
|
|
|
|
|
- name: Concatenate SSL certificate, key and dhparam
|
2023-03-20 23:33:19 +01:00
|
|
|
ansible.builtin.set_fact:
|
2018-11-06 16:15:42 +01:00
|
|
|
ssl_cat: "{{ ssl_cat | default() }}{{ lookup('file', item) }}\n"
|
|
|
|
|
with_fileglob:
|
|
|
|
|
- "ssl/{{ ssl_cert }}.pem"
|
|
|
|
|
- "ssl/{{ ssl_cert }}.key"
|
|
|
|
|
- "ssl/{{ ssl_cert }}.dhp"
|
|
|
|
|
tags:
|
|
|
|
|
- ssl
|
|
|
|
|
|
|
|
|
|
- name: Create haproxy ssl directory
|
2023-03-20 23:33:19 +01:00
|
|
|
ansible.builtin.file:
|
2018-11-06 16:15:42 +01:00
|
|
|
dest: /etc/haproxy/ssl
|
2018-11-14 15:20:03 +01:00
|
|
|
state: directory
|
2018-11-06 16:15:42 +01:00
|
|
|
mode: "0700"
|
|
|
|
|
tags:
|
|
|
|
|
- ssl
|
|
|
|
|
|
|
|
|
|
- name: Copy concatenated certificate and key
|
2023-03-20 23:33:19 +01:00
|
|
|
ansible.builtin.copy:
|
2018-11-06 16:15:42 +01:00
|
|
|
content: "{{ ssl_cat }}"
|
|
|
|
|
dest: "/etc/haproxy/ssl/{{ ssl_cert }}.pem"
|
|
|
|
|
mode: "0600"
|
|
|
|
|
notify: reload haproxy
|
|
|
|
|
tags:
|
|
|
|
|
- ssl
|
|
|
|
|
|
|
|
|
|
- name: Reset ssl_cat variable
|
2023-03-20 23:33:19 +01:00
|
|
|
ansible.builtin.set_fact:
|
2018-11-06 16:15:42 +01:00
|
|
|
ssl_cat: ""
|
|
|
|
|
tags:
|
|
|
|
|
- ssl
|
