ansible-roles/nginx/tasks/create_default_cert.yml


---
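# Make sure the ssl-cert package is present before any key material is
# created. A later task in this file assigns the private key to the
# `ssl-cert` group (presumably provided by this package; confirm on the
# target distribution).
- name: Verify that ssl-cert is installed
  apt:
    name: ssl-cert
    # `present` is the canonical value; `installed` was a deprecated alias
    # that later Ansible releases no longer accept.
    state: present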
# Generate a 2048-bit RSA private key and a matching CSR for the host's FQDN.
#
# Security notes for reviewers:
# - `-nodes` writes the key without a passphrase, so filesystem permissions
#   are its only protection. Owner, group and mode are set by the following
#   task; until that runs, the file has whatever mode openssl and the
#   process umask produce.
#   NOTE(review): confirm /etc/ssl/private is not world-accessible on the
#   target, or set a restrictive umask for this command.
# - No `creates:` guard is visible here, so each run overwrites the existing
#   key and CSR unless the including play guards this file.
#   NOTE(review): verify against the caller.
# - `2>/dev/null` discards openssl's diagnostics; only the exit status
#   remains to signal a failure.
- name: Create private key for default site ({{ ansible_fqdn }})
  shell: >-
    openssl req -newkey rsa:2048 -sha256 -nodes
    -keyout /etc/ssl/private/{{ ansible_fqdn }}.key
    -out /etc/ssl/{{ ansible_fqdn }}.csr
    -batch
    -subj "/C=FR/ST=PACA/L=Marseille/O=Evolix/CN={{ ansible_fqdn }}/emailAddress=security@evolix.net"
    2>/dev/null
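# Restrict the freshly generated private key: root may read and write it,
# members of the ssl-cert group may read it, everyone else gets no access.
- name: Adjust rights on private key
  file:
    path: "/etc/ssl/private/{{ ansible_fqdn }}.key"
    owner: root
    group: ssl-cert
    # Quoted so the mode is passed as the literal octal string and does not
    # depend on how the YAML parser types a bare 0640.
    mode: "0640"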
# Self-sign the CSR with the host's own private key (`-signkey`) to produce
# the default-site certificate, valid for 3650 days with a SHA-256 signature.
#
# Notes for reviewers:
# - Clients cannot validate a self-signed certificate against a CA, so it is
#   only suitable as a placeholder for the default site.
# - No `creates:` guard is visible, so the certificate is re-issued on each
#   run unless the including play guards this file.
#   NOTE(review): verify against the caller.
# - The CSR in /etc/ssl is not removed by any task visible in this file.
# - `2>/dev/null` discards openssl's diagnostics; only the exit status
#   remains to signal a failure.
- name: Create certificate for default site
  shell: >-
    openssl x509 -req -days 3650 -sha256
    -in /etc/ssl/{{ ansible_fqdn }}.csr
    -signkey /etc/ssl/private/{{ ansible_fqdn }}.key
    -out /etc/ssl/certs/{{ ansible_fqdn }}.crt
    2>/dev/null