init

LICENSE.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 AnsibleGuy
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,55 @@
+# Ansible Role for certificate generation
+
+**Tested:**
+* Debian 11
+
+## Functionality
+
+* Package installation
+  * Ansible dependencies (_minimal_)
+  * 
+* Configuration
+  * Two Possible Modes
+    * Generate Self-Signed certificate
+    * Create an internal-ca and generate certificates using it
+  * Default config:
+    * Mode => Self-Signed
+  * Default opt-ins:
+    * 
+  * Default opt-outs:
+    * 
+
+
+## Info
+
+* **Note:** this role currently only supports debian-based systems
+
+
+* **Note:** Most of this functionality can be opted in or out using the main defaults file and variables!
+
+
+
+## Requirements
+
+* Community collection: ```ansible-galaxy install -r requirements.yml```
+
+
+## Usage
+
+Define the config as needed:
+
+```yaml
+app:
+
+```
+
+Run the playbook:
+```bash
+ansible-playbook -K -D -i inventory/hosts.yml playbook.yml
+```
+
+There are also some useful **tags** available:
+* base => only configure basics; sites will not be touched
+* sites
+* config
+* certs

defaults/main.yml

@@ -0,0 +1,8 @@
+---
+
+# default config => is overwritten by provided config
+default_app: {}
+
+APP_CONFIG: "{{ default_app | combine(app, recursive=true) }}"
+
+default_instance_config: {}

filter_plugins/utils.py

@@ -0,0 +1,21 @@
+from re import sub as regex_replace
+
+
+class FilterModule(object):
+
+    def filters(self):
+        return {
+            "safe_key": self.safe_key,
+            "fallback": self.fallback,
+        }
+
+    @staticmethod
+    def safe_key(key: str) -> str:
+        return regex_replace('[^0-9a-zA-Z]+', '', key.replace(' ', '_'))
+
+    @staticmethod
+    def fallback(opt1: str, opt2: str) -> str:
+        if opt1 not in [None, '', 'None', 'none', ' ']:
+            return opt1
+
+        return opt2

meta/main.yml

@@ -0,0 +1,18 @@
+---
+
+galaxy_info:
+  author: 'AnsibleGuy <guy@ansibleguy.net>'
+  readme: 'README.md'
+  license: 'MIT'
+  repository: 'https://github.com/ansibleguy/ROLE'
+  issue_tracker_url: 'https://github.com/ansibleguy/ROLE/issues'
+  github_branch: 'stable'
+  min_ansible_version: 2.9.0
+  description: ''
+  platforms:
+    - name: Debian
+      versions:
+        - bullseye
+  galaxy_tags: []
+
+collections: []

playbook.yml

@@ -0,0 +1,9 @@
+---
+
+# ansible-playbook -K -D -i inventory/hosts.yml playbook.yml
+
+- hosts: all   # should be limited
+  become: true
+  gather_facts: yes
+  roles:
+  - ansibleguy.ROLE

requirements.yml

@@ -0,0 +1,6 @@
+# external roles and collections to download
+# install: ansible-galaxy install -r requirements.yml
+
+collections: []
+#  - name: 'community.general'
+#    source: 'https://galaxy.ansible.com'

tasks/debian/main.yml

@@ -0,0 +1,6 @@
+---
+
+- name: ROLE | Debian | Task
+  ansible.builtin.apt:
+    pkg: "{{ something }}"
+  tags: [base]

tasks/main.yml

@@ -0,0 +1,5 @@
+---
+
+- name: ROLE | Processing debian config
+  ansible.builtin.import_tasks: debian/main.yml
+  when: "ansible_distribution|lower in ['debian', 'ubuntu']"