authorChristian Pointner <equinox@spreadspace.org>2023-09-21 18:10:50 +0200
committerChristian Pointner <equinox@spreadspace.org>2023-09-21 18:10:50 +0200
commit939ceb893388e9eeaaaa9b0c53da57c72008bc3a (patch)
treea634dc21e07101bbcc25a7322e7ac26c06f07f36
parentgrafana: fix race condition for admin password check after first start (diff)
uacme: eab hmac key is most likely already encoded and doesn't need additional encoding
-rw-r--r--roles/x509/uacme/base/filter_plugins/uacme.py26
-rw-r--r--roles/x509/uacme/base/tasks/main.yml2
2 files changed, 1 insertions, 27 deletions
diff --git a/roles/x509/uacme/base/filter_plugins/uacme.py b/roles/x509/uacme/base/filter_plugins/uacme.py
deleted file mode 100644
index 07a87db5..00000000
--- a/roles/x509/uacme/base/filter_plugins/uacme.py
+++ /dev/null
@@ -1,26 +0,0 @@
-from __future__ import (absolute_import, division, print_function)
-__metaclass__ = type
-
-from functools import partial
-from base64 import urlsafe_b64encode
-
-from ansible import errors
-from ansible.module_utils.common.text import formatters
-from ansible.module_utils._text import to_bytes, to_text
-
-
-def uacme_eab_param(eab):
- try:
- return "%s:%s" % (eab['keyid'], to_text(urlsafe_b64encode(to_bytes(eab['key'], errors='surrogate_or_strict'))).strip("="))
- except Exception as e:
- raise errors.AnsibleFilterError("uacme_eab_param(): %s" % str(e))
-
-
-class FilterModule(object):
-
- filter_map = {
- 'uacme_eab_param': uacme_eab_param,
- }
-
- def filters(self):
- return self.filter_map
diff --git a/roles/x509/uacme/base/tasks/main.yml b/roles/x509/uacme/base/tasks/main.yml
index f52c3cf0..34f91950 100644
--- a/roles/x509/uacme/base/tasks/main.yml
+++ b/roles/x509/uacme/base/tasks/main.yml
@@ -7,7 +7,7 @@
state: present
- name: create acme account key
- command: "uacme -c /var/lib/uacme.d -a '{{ uacme_directory_server }}' -y{% if uacme_eab is defined %} -e '{{ uacme_eab | uacme_eab_param }}'{% endif %} new '{{ uacme_account_email }}'"
+ command: "uacme -c /var/lib/uacme.d -a '{{ uacme_directory_server }}' -y{% if uacme_eab is defined %} -e '{{ uacme_eab.keyid }}:{{ uacme_eab.key }}'{% endif %} new '{{ uacme_account_email }}'"
args:
creates: /var/lib/uacme.d/private/key.pem
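Review bot: The EAB HMAC key is now rendered directly into the `command:` string, so the secret becomes part of the task's recorded invocation (verbose output, callback logs, module logging on the target) unless the task sets `no_log: true`. No such line is visible in this hunk, though the task may continue below it. With the filter's base64url encoding removed, the single-quoted `'{{ uacme_eab.keyid }}:{{ uacme_eab.key }}'` also depends on neither value containing a quote or whitespace; passing the arguments as a list through the command module's `argv:` would avoid the string splitting. Because the key is only "most likely" already encoded, a preceding `assert` with `uacme_eab.key is match('^[A-Za-z0-9_-]+$')` would reject a raw or padded value before uacme attempts the account registration.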