yaml syntax fixes, simplified letsencrypt cert-change check

2022-02-05 12:50:12 +01:00 · 2022-02-05 12:50:12 +01:00 · e9bdd2fd0b
parent 13568254e4
commit e9bdd2fd0b
7 changed files with 23 additions and 15 deletions
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -1,3 +1,4 @@
+---
 # These are supported funding model platforms

 patreon: ansibleguy
--- a/.yamllint
+++ b/.yamllint
@ -0,0 +1,9 @@
+---
+
+extends: default
+
+rules:
+  truthy:
+    allowed-values: ['true', 'false', 'yes', 'no']
+  line-length:
+    max: 150
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -27,14 +27,14 @@ default_certs:
    key_usage: 'serverAuth'  # serverAuth, clientAuth, codeSigning, emailProtection, timeStamping, ocspSigning
    ocsp_staple: false
    crl_distribution: []
-#      - full_name:
-#        - "URI:https://ca.example.com/revocations.crl"
-#        crl_issuer:
-#          - "URI:https://ca.example.com/"
-#        reasons:
-#          - key_compromise
-#          - ca_compromise
-#          - cessation_of_operation
+    #      - full_name:
+    #        - "URI:https://ca.example.com/revocations.crl"
+    #        crl_issuer:
+    #          - "URI:https://ca.example.com/"
+    #        reasons:
+    #          - key_compromise
+    #          - ca_compromise
+    #          - cessation_of_operation
    valid_days: 730

  mode_key: '0640'
--- a/filter_plugins/utils.py
+++ b/filter_plugins/utils.py
@ -55,12 +55,9 @@ class FilterModule(object):
        block_started = False
        for line in running_config.split('\n'):
            if block_started:
-                if line.find('Certificate Name:') != -1:
-                    # block ended
-                    break
-
-                elif line.find('Domains:') != -1:
+                if line.find('Domains:') != -1:
                    run_domains = line.split(': ')[1].split(' ')
+                    break

            elif line.find(f"Certificate Name: {cert_key}") != -1:
                block_started = True
--- a/meta/main.yml
+++ b/meta/main.yml
@ -15,4 +15,4 @@ galaxy_info:
        - bullseye
  galaxy_tags: []

-collections: []
+collections: []
--- a/requirements.yml
+++ b/requirements.yml
@ -1,3 +1,4 @@
+---
 # external roles and collections to download
 # install: ansible-galaxy install -r requirements.yml

--- a/tasks/debian/letsencrypt/cert.yml
+++ b/tasks/debian/letsencrypt/cert.yml
@ -13,7 +13,7 @@

 - name: "Certificates | Debian | LetsEncrypt Certbot | {{ le_name }} | Certbot command (FYI)"
  ansible.builtin.debug:
-    msg: "certbot certonly --non-interactive --agree-tos --no-redirect 
+    msg: "certbot certonly --non-interactive --agree-tos --no-redirect
    --{{ CERT_CONFIG.letsencrypt.service }} --cert-name {{ le_name }}
    -{{ CERT_CONFIG.letsencrypt.verbosity }}
    --rsa-key-size {{ le_cert.key_size | default(CERT_CONFIG.cert.key_size, true) }}