Loading run.yml +36 −5 Original line number Diff line number Diff line Loading @@ -23,11 +23,42 @@ roles: - ssl_refresher #- name: Bind ssl-refresher certs # hosts: ipaserver:ipareplicas # become: yes # tasks: # - ssl_refresher - name: Bind ssl-refresher certs hosts: ipaserver:ipareplicas become: yes tasks: - name: Comment cert in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateFile +/var/lib/ipa/certs/httpd.crt$" replace: "#SSLCertificateFile /var/lib/ipa/certs/httpd.crt" - name: Comment key in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateKeyFile +/var/lib/ipa/private/httpd.key$" replace: "#SSLCertificateKeyFile /var/lib/ipa/private/httpd.key" - name: Put cert in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateFile +/var/lib/ipa/certs/httpd.crt$" replace: "SSLCertificateFile /opt/ssl/fullchain.pem" - name: Put key in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateKeyFile +/var/lib/ipa/private/httpd.key$" replace: "SSLCertificateKeyFile /opt/ssl/privkey.pem" - name: Install ucarp with dependencies hosts: ipaserver:ipareplicas Loading Loading
run.yml +36 −5 Original line number Diff line number Diff line Loading @@ -23,11 +23,42 @@ roles: - ssl_refresher #- name: Bind ssl-refresher certs # hosts: ipaserver:ipareplicas # become: yes # tasks: # - ssl_refresher - name: Bind ssl-refresher certs hosts: ipaserver:ipareplicas become: yes tasks: - name: Comment cert in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateFile +/var/lib/ipa/certs/httpd.crt$" replace: "#SSLCertificateFile /var/lib/ipa/certs/httpd.crt" - name: Comment key in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateKeyFile +/var/lib/ipa/private/httpd.key$" replace: "#SSLCertificateKeyFile /var/lib/ipa/private/httpd.key" - name: Put cert in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateFile +/var/lib/ipa/certs/httpd.crt$" replace: "SSLCertificateFile /opt/ssl/fullchain.pem" - name: Put key in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateKeyFile +/var/lib/ipa/private/httpd.key$" replace: "SSLCertificateKeyFile /opt/ssl/privkey.pem" - name: Install ucarp with dependencies hosts: ipaserver:ipareplicas Loading
