diff --git a/roles/netbox/tasks/main.yml b/roles/netbox/tasks/main.yml
index 5e5b3b6..a0a5068 100644
--- a/roles/netbox/tasks/main.yml
+++ b/roles/netbox/tasks/main.yml
@@ -29,15 +29,15 @@
 - name: Configure PostgreSQL database
 postgresql_db:
- name: '{{ netbox_dbname }}'
+ name: "{{ netbox_dbname }}"
 become: true
 become_user: postgres
 - name: Configure PostgreSQL user
 postgresql_user:
- db: '{{ netbox_dbname }}'
- name: '{{ netbox_dbuser }}'
- password: '{{ netbox_dbpass }}'
+ db: "{{ netbox_dbname }}"
+ name: "{{ netbox_dbuser }}"
+ password: "{{ netbox_dbpass }}"
 priv: ALL
 state: present
 become: true
@@ -48,39 +48,39 @@
 - name: Unpack netbox
 unarchive:
- src: 'https://github.com/netbox-community/netbox/archive/v{{ netbox_version }}.tar.gz'
+ src: "https://github.com/netbox-community/netbox/archive/v{{ netbox_version }}.tar.gz"
 dest: /opt
 remote_src: yes
- creates: '/opt/netbox-{{ netbox_version }}'
+ creates: "/opt/netbox-{{ netbox_version }}"
 register: netbox_unarchive
 - name: Configure netbox
 template:
 src: configuration.py.j2
- dest: '/opt/netbox-{{ netbox_version }}/netbox/netbox/configuration.py'
- owner: '{{ netbox_user }}'
- group: '{{ netbox_group }}'
+ dest: "/opt/netbox-{{ netbox_version }}/netbox/netbox/configuration.py"
+ owner: "{{ netbox_user }}"
+ group: "{{ netbox_group }}"
 - name: Configure gunicorn
 template:
 src: gunicorn.py.j2
- dest: '/opt/netbox-{{ netbox_version }}/gunicorn.py'
- owner: '{{ netbox_user }}'
- group: '{{ netbox_group }}'
+ dest: "/opt/netbox-{{ netbox_version }}/gunicorn.py"
+ owner: "{{ netbox_user }}"
+ group: "{{ netbox_group }}"
 - name: Netbox file permissions
 file:
- path: '/opt/netbox-{{ netbox_version }}'
- owner: '{{ netbox_user }}'
- group: '{{ netbox_group }}'
+ path: "/opt/netbox-{{ netbox_version }}"
+ owner: "{{ netbox_user }}"
+ group: "{{ netbox_group }}"
 recurse: yes
 - name: Run upgrade script
 command:
 cmd: ./upgrade.sh
- chdir: '/opt/netbox-{{ netbox_version }}'
+ chdir: "/opt/netbox-{{ netbox_version }}"
 become: true
- become_user: '{{ netbox_user }}'
+ become_user: "{{ netbox_user }}"
 when: netbox_unarchive.changed # TODO - still manual work
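Review bot: The `Unpack netbox` task at the top of this hunk feeds the release tarball straight into `unarchive` with no integrity check, and `Run upgrade script` later executes `./upgrade.sh` from that tree as `netbox_user`. `unarchive` has no checksum option, so a release tag that is moved or an archive altered upstream would be unpacked and run unnoticed. Fetching with `get_url` and its `checksum:` parameter first, then unpacking the local file, pins the content to a digest recorded next to `netbox_version`; `netbox_checksum` below is a placeholder name for a new role variable. The `Configure netbox` task also writes configuration.py without a `mode:`, so the file takes the remote umask default; if the template carries the database password, add `mode: "0640"`.

```yaml
- name: Download netbox
  get_url:
    url: "https://github.com/netbox-community/netbox/archive/v{{ netbox_version }}.tar.gz"
    dest: "/opt/netbox-{{ netbox_version }}.tar.gz"
    # netbox_checksum: placeholder for a new role variable holding the
    # SHA-256 of the release archive, updated together with netbox_version
    checksum: "sha256:{{ netbox_checksum }}"

- name: Unpack netbox
  unarchive:
    src: "/opt/netbox-{{ netbox_version }}.tar.gz"
    dest: /opt
    remote_src: yes
    creates: "/opt/netbox-{{ netbox_version }}"
  register: netbox_unarchive
# … unchanged: Configure netbox, Configure gunicorn, file permissions, upgrade script …
```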
@@ -99,9 +99,16 @@
 openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ netbox_domain }}.key -out /etc/nginx/ssl/{{ netbox_domain }}.crt -days 730 -subj "/CN={{ netbox_domain }}"
- creates: '/etc/nginx/ssl/{{ netbox_domain }}.crt'
+ creates: "/etc/nginx/ssl/{{ netbox_domain }}.crt"
 notify: Restart nginx
+- name: Request nsupdate key for certificate
+ include_role: name=acme-dnskey-generate
+ vars:
+ acme_dnskey_san_domains:
+ - "{{ netbox_domain }}"
+ when: "'kitchen' in group_names"
+
 - name: Configure certificate manager for netbox
 template: src=certs.j2 dest=/etc/acertmgr/{{ netbox_domain }}.conf
 notify: Run acertmgr
@@ -111,7 +118,7 @@
 src: vhost.j2
 dest: /etc/nginx/sites-available/netbox
 owner: root
- mode: '0644'
+ mode: "0644"
 notify: Restart nginx
 - name: Enable vhost
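Review bot: The added `Request nsupdate key for certificate` task runs only when the host is in the `kitchen` group, but the `Configure certificate manager for netbox` task right after it still renders certs.j2 and notifies acertmgr on every host. If certs.j2 sets up a DNS challenge that needs the generated key (the template is not visible here), hosts outside `kitchen` would get an acertmgr config with no key behind it. Either gate both tasks the same way or add a comment above the new task such as `# nsupdate keys are only issued for hosts in the kitchen group; other hosts use <other challenge type>` so the split is intentional and documented. The task also uses the `include_role: name=acme-dnskey-generate` shorthand while the rest of this commit normalises style; the block form `include_role:` followed by `name: acme-dnskey-generate` would match the tasks above.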