From 5c9456d6b8770aa20f0c81806d57367e40ed3f09 Mon Sep 17 00:00:00 2001
From: Sprinterfreak
Date: Tue, 7 May 2019 21:27:54 +0200
Subject: [PATCH] acertmgr config generator init
---
.gitignore | 2 ++
LICENSE | 13 +++++++++++++
README.md | 5 +++++
main.yml.example | 24 ++++++++++++++++++++++++
roles/acertmgr/tasks/main.yml | 14 ++++++++++++++
roles/acertmgr/templates/domain.conf.j2 | 8 ++++++++
6 files changed, 66 insertions(+)
create mode 100644 .gitignore
create mode 100644 LICENSE
create mode 100644 README.md
create mode 100644 main.yml.example
create mode 100644 roles/acertmgr/tasks/main.yml
create mode 100644 roles/acertmgr/templates/domain.conf.j2
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..ab47601
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+*.retry
+
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..185c590
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,13 @@
+Copyright (c) 2019 Jan-Jonas Sämann
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..f6fda82
--- /dev/null
+++ b/README.md
@@ -0,0 +1,5 @@
+# Domain Config Generaor
+
+Generate and roll configuration for apache, nginx and acertmgr.
+
+Allow to define domains, just redirecting alias domains and the necessarry configuration to get all certificates for this to work automatically.
diff --git a/main.yml.example b/main.yml.example
new file mode 100644
index 0000000..f1f9d8e
--- /dev/null
+++ b/main.yml.example
@@ -0,0 +1,24 @@
+---
+# vim: set et ts=2 sw=2 ai:
+
+- hosts: all
+ vars:
+ master_vhosts:
+ - name: domain.nx
+ inet_addr: 10.1.1.2
+ alias: [www.domain.nx]
+ redirect_vhosts:
+ - name: domain.ny
+ inet_addr: 10.1.1.3
+ alias: [www.domain.ny,www2.domain.ny]
+ cert_domain: domain.nx
+ - name: no.tld
+ inet_addr: 10.1.1.21
+ alias: [ftp.no.tld,ftp.domain.nx]
+ - name: some.do
+ alias: [www.some.do]
+ inet_addr: 10.1.2.3
+ cert_domain: domain.nx
+
+ roles:
+ - acertmgr
diff --git a/roles/acertmgr/tasks/main.yml b/roles/acertmgr/tasks/main.yml
new file mode 100644
index 0000000..6ce987b
--- /dev/null
+++ b/roles/acertmgr/tasks/main.yml
@@ -0,0 +1,14 @@
+---
+# vim: set et ts=2 sw=2 ai:
+
+- name: Build acertmgr domain config
+ vars:
+ domain_group:
+ - "{{ [item.name] }}"
+ - "{{ ( item.alias or [] ) }}"
+ - "{{ ( ( redirect_vhosts | selectattr('alias', 'defined') | selectattr('cert_domain', 'defined') | selectattr('cert_domain', 'equalto', item.name) | map(attribute='alias') | flatten ) or [] ) }}"
+ - "{{ ( ( redirect_vhosts | selectattr('alias', 'defined') | selectattr('cert_domain', 'defined') | selectattr('cert_domain', 'equalto', item.name) | map(attribute='name') | flatten ) or [] ) }}"
+ template:
+ src: domain.conf.j2
+ dest: "/etc/acertmgr/{{ item.name }}.conf"
+ loop: "{{ master_vhosts }}"
diff --git a/roles/acertmgr/templates/domain.conf.j2 b/roles/acertmgr/templates/domain.conf.j2
new file mode 100644
index 0000000..8675ee1
--- /dev/null
+++ b/roles/acertmgr/templates/domain.conf.j2
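Review bot: The example play in main.yml.example never shows `server_software`, although domain.conf.j2 reads it (defaulting to `apache2`) for the key and certificate paths and for the restart command, so an nginx user has no hint how to switch. A commented line under `vars:` such as `# server_software: nginx  # default: apache2` would document it. The play also targets `hosts: all`, which applies the role to every inventory host if the example is copied unchanged; a named group placeholder would be a safer example.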
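Review bot: In roles/acertmgr/tasks/main.yml the `template` task writes `/etc/acertmgr/{{ item.name }}.conf` without `owner`, `group` or `mode`, so ownership and permissions of the generated config depend on the connecting user and its umask; stating `owner: root`, `group: root` and `mode: '0644'` (or stricter) makes the result predictable. `item.name` also reaches the destination path unchecked, so a vhost name containing `/` would place the file outside `/etc/acertmgr`; an `assert` on the name format ahead of the loop would catch that. Separately, `item.alias or []` will most likely raise an undefined-variable error for a master vhost with no `alias` key, where `item.alias | default([])` would not, and the two long `redirect_vhosts` filter chains differ only in the mapped attribute and deserve a short comment saying what each collects.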
@@ -0,0 +1,8 @@
+---
+
+{{ domain_group | flatten | join(' ') }}:
+- path: /etc/{{ server_software | default('apache2') }}/ssl/{{ item.name }}.key
+ format: key
+- path: /etc/{{ server_software | default('apache2') }}/ssl/{{ item.name }}.crt
+ format: crt,ca
+ action: '/sbin/systemctl restart {{ server_software | default('apache2') }}'
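Review bot: The `.key` entry in domain.conf.j2 sets only `path` and `format`, so the private key's owner and mode are left to acertmgr's global defaults; unless those are known to be restrictive on every target, state them on the entry with acertmgr's per-file settings, e.g. `user: root`, `group: root`, `perm: '400'`. `server_software` is also interpolated unchecked into both paths and into the single-quoted `action` command, so a value containing a quote or whitespace would produce a broken config or a different command line. Restricting it in the role to the supported names (the README mentions apache and nginx) would close that off.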