Commit | Line | Data |
---|---|---|
83d6ed6c KS |
1 | --- |
2 | - name: Deploy internal certificate | |
3 | ansible.builtin.copy: | |
b519cea9 | 4 | dest: "{{common_certificate_cert_path_prefix}}/internal.efficios.com.pem" |
83d6ed6c KS |
5 | mode: '0644' |
6 | owner: 'root' | |
7 | group: 'root' | |
8 | src: 'internal.efficios.com.pem' | |
458824b8 | 9 | register: cert |
83d6ed6c KS |
10 | - name: Deploy internal certificate key |
11 | ansible.builtin.copy: | |
b519cea9 | 12 | dest: "{{common_certificate_key_path_prefix}}/internal.efficios.com.key" |
ed7ece9a | 13 | mode: '0600' |
83d6ed6c KS |
14 | owner: 'root' |
15 | group: 'root' | |
16 | content: "{{lookup('community.general.bitwarden', 'TLS Certificate internal.efficios.com', collection_id='35c5d8b1-2520-4450-a479-aef50131b930')[0]['notes'] }}" | |
458824b8 KS |
17 | register: key |
18 | - name: Deploy combined cert+key | |
19 | # haproxy uses a combined certificate and key file | |
b519cea9 | 20 | when: (cert.changed or key.changed) and common_certificate_deploy_combined_pem |
458824b8 | 21 | ansible.builtin.shell: |
b519cea9 | 22 | cmd: "cat {{common_certificate_cert_path_prefix}}/internal.efficios.com.pem {{common_certificate_key_path_prefix}}/internal.efficios.com.key > {{common_certificate_key_path_prefix}}/internal.efficios.com.pem" |