47 lines
1.3 KiB
YAML
47 lines
1.3 KiB
YAML
---
|
|
|
|
# todo: allow for a dictionary of certs to be passed
|
|
|
|
- name: Certificates | Checking config
|
|
ansible.builtin.assert:
|
|
that:
|
|
- certs is defined
|
|
tags: always
|
|
|
|
- name: Certificates | Showing debug info - user provided config
|
|
ansible.builtin.debug:
|
|
var: certs
|
|
when: debug | bool
|
|
|
|
- name: Certificates | Showing debug info - running config
|
|
ansible.builtin.debug:
|
|
var: CERT_CONFIG
|
|
when: debug | bool
|
|
|
|
- name: Certificates | Checking for invalid domains/hostnames
|
|
ansible.builtin.pause:
|
|
prompt: "It seems you have configured an invalid domain/hostname: '{{ item }}' - do you want to continue?"
|
|
when:
|
|
- not no_prompts
|
|
- not item | valid_hostname
|
|
- not item | valid_ip
|
|
loop: "{{ CERT_CONFIG.cert.domains }}"
|
|
|
|
- name: Certificates | Internal signed
|
|
ansible.builtin.include_tasks: internal/main.yml
|
|
when: "CERT_CONFIG.mode in ['pki', 'ca', 'selfsigned']"
|
|
|
|
- name: Certificates | Internal | CA
|
|
ansible.builtin.include_tasks: debian/pki.yml
|
|
when: CERT_CONFIG.mode == 'pki'
|
|
|
|
- name: Certificates | Letsencrypt
|
|
ansible.builtin.include_tasks: debian/letsencrypt/main.yml
|
|
when:
|
|
- CERT_CONFIG.mode == 'le_certbot'
|
|
- "ansible_distribution|lower in ['debian', 'ubuntu']"
|
|
|
|
- name: Certificates | Snakeoil
|
|
ansible.builtin.include_tasks: snakeoil.yml
|
|
when: "CERT_CONFIG.mode in ['snakeoil', 'quick']"
|