ansible: create an ssl task

author Alfredo Deza <adeza@redhat.com>

Wed, 20 Jul 2016 20:51:53 +0000 (16:51 -0400)

committer Alfredo Deza <adeza@redhat.com>

Fri, 22 Jul 2016 12:09:44 +0000 (08:09 -0400)
author Alfredo Deza <adeza@redhat.com>
Wed, 20 Jul 2016 20:51:53 +0000 (16:51 -0400)
committer Alfredo Deza <adeza@redhat.com>
Fri, 22 Jul 2016 12:09:44 +0000 (08:09 -0400)
diff --git a/ansible/roles/nginx/tasks/ssl.yml b/ansible/roles/nginx/tasks/ssl.yml

new file mode 100644 (file)

index 0000000..990badc
--- /dev/null
+++ b/ansible/roles/nginx/tasks/ssl.yml
@@ -0,0 +1,34 @@
+---
+
+- name: ensure ssl certs directory
+  file:
+    dest: /etc/ssl/certs
+    state: directory
+  sudo: true
+
+- name: ensure ssl private directory
+  file:
+    dest: /etc/ssl/private
+    state: directory
+  sudo: true
+
+- name: copy SSL cert
+  copy:
+    src: "{{ ssl_cert_path }}"
+    dest: "/etc/ssl/certs/{{ item.fqdn }}-bundled.crt"
+    mode: 0777
+    force: no
+  sudo: true
+  notify: restart nginx
+  when: nginx_hosts is defined
+  with_items: nginx_hosts
+
+- name: copy SSL key
+  copy:
+    src: "{{ ssl_key_path }}"
+    dest: "/etc/ssl/private/{{ item.fqdn }}.key"
+    force: no
+  sudo: true
+  notify: restart nginx
+  when: nginx_hosts is defined
+  with_items: nginx_hosts
author	Alfredo Deza <adeza@redhat.com>
	Wed, 20 Jul 2016 20:51:53 +0000 (16:51 -0400)
committer	Alfredo Deza <adeza@redhat.com>
	Fri, 22 Jul 2016 12:09:44 +0000 (08:09 -0400)