ansible/roles/doorlock/tasks/main.yml

---

- name: Ensure certificates are available
  command:
    cmd: >
      openssl req -x509 -nodes -newkey rsa:2048
      -keyout /etc/nginx/ssl/{{ doorlock_domain }}.key -out /etc/nginx/ssl/{{ doorlock_domain }}.crt
      -days 730 -subj "/CN={{ doorlock_domain }}"
    creates: /etc/nginx/ssl/{{ doorlock_domain }}.crt
  notify: Restart nginx

- name: Request nsupdate key for certificate
  include_role: name=acme-dnskey-generate
  vars:
    acme_dnskey_san_domains:
    - "{{ doorlock_domain }}"

- name: Configure certificate manager for doorlock
  template: src=certs.j2 dest=/etc/acertmgr/{{ doorlock_domain }}.conf
  notify: Run acertmgr
doorlock: first steps towards an auweg doorlock 2022-11-17 16:00:20 +01:00			`---`

			`- name: Ensure certificates are available`
			`command:`
			`cmd: >`
			`openssl req -x509 -nodes -newkey rsa:2048`
			`-keyout /etc/nginx/ssl/{{ doorlock_domain }}.key -out /etc/nginx/ssl/{{ doorlock_domain }}.crt`
			`-days 730 -subj "/CN={{ doorlock_domain }}"`
			`creates: /etc/nginx/ssl/{{ doorlock_domain }}.crt`
			`notify: Restart nginx`

			`- name: Request nsupdate key for certificate`
			`include_role: name=acme-dnskey-generate`
			`vars:`
			`acme_dnskey_san_domains:`
			`- "{{ doorlock_domain }}"`

			`- name: Configure certificate manager for doorlock`
			`template: src=certs.j2 dest=/etc/acertmgr/{{ doorlock_domain }}.conf`
			`notify: Run acertmgr`