Loading handlers/main.yml 0 → 100644 +6 −0 Original line number Diff line number Diff line --- - name: Restart ipa ansible.builtin.systemd: name: httpd.service state: restarted meta/main.yml 0 → 100644 +74 −0 Original line number Diff line number Diff line galaxy_info: author: Dmitriy Safronov <zimniy@cyberbrain.pw> description: FreeIPA Letsencrypt Certs Httpd # company: your company (optional) # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker issue_tracker_url: https://gitlab.cyberbrain.pw/ansible/roles/freeipa_le_certs_httpd/-/issues # Choose a valid license ID from https://spdx.org - some suggested licenses: # - BSD-3-Clause (default) # - MIT # - GPL-2.0-or-later # - GPL-3.0-only # - Apache-2.0 # - CC-BY-4.0 license: LGPL-2.0-or-later min_ansible_version: 2.9 # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: # # Provide a list of supported platforms, and for each platform a list of versions. # If you don't wish to enumerate all versions for a particular platform, use 'all'. # To view available platforms and versions (or releases), visit: # https://galaxy.ansible.com/api/v1/platforms/ # # platforms: # - name: Fedora # versions: # - all # - 25 # - name: SomePlatform # versions: # - all # - 1.0 # - 7 # - 99.99 platforms: - name: Ubuntu versions: - focal - bionic - name: Linux Mint versions: - ulyssa - ulyana - tricia - name: Debian versions: - buster - name: Centos versions: - 8 - 8-stream galaxy_tags: [] # List tags for your role here, one per line. A tag is a keyword that describes # and categorizes the role. Users find roles by searching for tags. Be sure to # remove the '[]' above, if you add tags to this list. # # NOTE: A tag is limited to a single word comprised of alphanumeric characters. # Maximum 20 tags per role. dependencies: - { role: ssl_refresher, ssl_refresher_success: "systemctl restart httpd.service" } #[] # List your role dependencies here, one per line. Be sure to remove the '[]' above, # if you add dependencies to this list. allow_duplicates: no tasks/main.yml 0 → 100644 +29 −0 Original line number Diff line number Diff line --- - name: Update IPA certs ansible.builtin.shell: ipa-certupdate changed_when: False - name: Put cert in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" # insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateFile .*" line: "SSLCertificateFile /opt/ssl/fullchain.pem" backup: yes notify: - Restart ipa - name: Put key in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" # insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateKeyFile .*" line: "SSLCertificateKeyFile /opt/ssl/privkey.pem" backup: yes notify: - Restart ipa Loading
handlers/main.yml 0 → 100644 +6 −0 Original line number Diff line number Diff line --- - name: Restart ipa ansible.builtin.systemd: name: httpd.service state: restarted
meta/main.yml 0 → 100644 +74 −0 Original line number Diff line number Diff line galaxy_info: author: Dmitriy Safronov <zimniy@cyberbrain.pw> description: FreeIPA Letsencrypt Certs Httpd # company: your company (optional) # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker issue_tracker_url: https://gitlab.cyberbrain.pw/ansible/roles/freeipa_le_certs_httpd/-/issues # Choose a valid license ID from https://spdx.org - some suggested licenses: # - BSD-3-Clause (default) # - MIT # - GPL-2.0-or-later # - GPL-3.0-only # - Apache-2.0 # - CC-BY-4.0 license: LGPL-2.0-or-later min_ansible_version: 2.9 # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: # # Provide a list of supported platforms, and for each platform a list of versions. # If you don't wish to enumerate all versions for a particular platform, use 'all'. # To view available platforms and versions (or releases), visit: # https://galaxy.ansible.com/api/v1/platforms/ # # platforms: # - name: Fedora # versions: # - all # - 25 # - name: SomePlatform # versions: # - all # - 1.0 # - 7 # - 99.99 platforms: - name: Ubuntu versions: - focal - bionic - name: Linux Mint versions: - ulyssa - ulyana - tricia - name: Debian versions: - buster - name: Centos versions: - 8 - 8-stream galaxy_tags: [] # List tags for your role here, one per line. A tag is a keyword that describes # and categorizes the role. Users find roles by searching for tags. Be sure to # remove the '[]' above, if you add tags to this list. # # NOTE: A tag is limited to a single word comprised of alphanumeric characters. # Maximum 20 tags per role. dependencies: - { role: ssl_refresher, ssl_refresher_success: "systemctl restart httpd.service" } #[] # List your role dependencies here, one per line. Be sure to remove the '[]' above, # if you add dependencies to this list. allow_duplicates: no
tasks/main.yml 0 → 100644 +29 −0 Original line number Diff line number Diff line --- - name: Update IPA certs ansible.builtin.shell: ipa-certupdate changed_when: False - name: Put cert in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" # insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateFile .*" line: "SSLCertificateFile /opt/ssl/fullchain.pem" backup: yes notify: - Restart ipa - name: Put key in httpd config ansible.builtin.lineinfile: path: "/etc/httpd/conf.d/ssl.conf" state: present insertafter: "^<VirtualHost +_default_:443>$" # insertbefore: "^</VirtualHost>$" regexp: "^SSLCertificateKeyFile .*" line: "SSLCertificateKeyFile /opt/ssl/privkey.pem" backup: yes notify: - Restart ipa
