From 7f2ad06ed91f5fbaec1ccad2b6876454e0d10c11 Mon Sep 17 00:00:00 2001
From: Kyr Shatskyy <kyrylo.shatskyy@gmail.com>
Date: Tue, 19 Mar 2019 19:59:36 +0100
Subject: [PATCH] nsupdate_web: copy keys from secrets dir if present

Signed-off-by: Kyr Shatskyy <kyrylo.shatskyy@gmail.com>
(cherry picked from commit bac5f08eca5fa018adb16be9db4457cb42c73039)
---
 roles/nsupdate_web/tasks/main.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/roles/nsupdate_web/tasks/main.yml b/roles/nsupdate_web/tasks/main.yml
index 3d29452..591d932 100644
--- a/roles/nsupdate_web/tasks/main.yml
+++ b/roles/nsupdate_web/tasks/main.yml
@@ -29,6 +29,24 @@
     system: true
     shell: "/bin/false"
 
+- name: Make sure keys_dir exists
+  file:
+    path: "{{ keys_dir }}"
+    state: directory
+    owner: "{{ nsupdate_web_user }}"
+    group: "{{ nsupdate_web_user }}"
+  when: "'{{ secrets_path }}/{{ pubkey_name }}' is file"
+
+- name: Copy .key and .private keys to keys_dir
+  copy:
+    src: "{{ item }}"
+    dest: "{{ keys_dir }}/"
+    owner: "{{ nsupdate_web_user }}"
+    group: "{{ nsupdate_web_user }}"
+  with_fileglob:
+    - "{{ secrets_path }}/{{ pubkey_name | regex_replace('\\.[^\\.]+$', '') }}.*"
+  when: "'{{ secrets_path }}/{{ pubkey_name }}' is file"
+
 - name: Clone nsupdate_web repo
   git:
     repo: "{{ nsupdate_web_repo }}"
-- 
2.39.5