You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
44 lines
876 B
44 lines
876 B
---
|
|
- name: Copy SSL certificate
|
|
copy:
|
|
src: "ssl/{{ ssl_cert }}.pem"
|
|
dest: "/etc/ssl/certs/{{ ssl_cert }}.pem"
|
|
mode: "0644"
|
|
register: ssl_copy_cert
|
|
tags:
|
|
- ssl
|
|
|
|
- name: Copy SSL key
|
|
copy:
|
|
src: "ssl/{{ ssl_cert }}.key"
|
|
dest: "/etc/ssl/private/{{ ssl_cert }}.key"
|
|
mode: "0640"
|
|
owner: root
|
|
group: ssl-cert
|
|
register: ssl_copy_key
|
|
tags:
|
|
- ssl
|
|
|
|
- name: Copy SSL dhparam
|
|
copy:
|
|
src: "ssl/{{ ssl_cert }}.dhp"
|
|
dest: "/etc/ssl/certs/{{ ssl_cert }}.dhp"
|
|
mode: "0644"
|
|
register: ssl_copy_dhp
|
|
tags:
|
|
- ssl
|
|
|
|
- name: Check if Haproxy is installed
|
|
shell: "set -o pipefail && dpkg -l haproxy 2>/dev/null | grep -q -E '^(i|h)i'"
|
|
args:
|
|
executable: /bin/bash
|
|
register: haproxy_check
|
|
check_mode: no
|
|
changed_when: False
|
|
failed_when: False
|
|
tags:
|
|
- ssl
|
|
|
|
- include: haproxy.yml
|
|
when: haproxy_check.rc == 0
|