diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2023-08-30 19:11:53 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2023-08-30 19:11:53 +0200 |
| commit | ec1ad67ecc363802c0a1312afe767905cacb8fcf (patch) | |
| tree | 55712208adb98411357d8645b8d68ad3c7681a5b | |
| parent | fix tls config for monitoring/landingpage (diff) | |
fix variable usage in x509 roles
| -rw-r--r-- | roles/x509/acmetool/cert/prepare/defaults/main.yml | 1 | ||||
| -rw-r--r-- | roles/x509/acmetool/cert/prepare/tasks/main.yml | 10 | ||||
| -rw-r--r-- | roles/x509/uacme/cert/prepare/tasks/main.yml | 4 |
3 files changed, 8 insertions, 7 deletions
diff --git a/roles/x509/acmetool/cert/prepare/defaults/main.yml b/roles/x509/acmetool/cert/prepare/defaults/main.yml index d4eb7c86..1765a557 100644 --- a/roles/x509/acmetool/cert/prepare/defaults/main.yml +++ b/roles/x509/acmetool/cert/prepare/defaults/main.yml @@ -1,2 +1,3 @@ --- acmetool_cert_hostnames: "{{ x509_certificate_hostnames }}" +acmetool_cert_name: "{{ x509_certificate_name | default(acmetool_cert_hostnames[0]) }}" diff --git a/roles/x509/acmetool/cert/prepare/tasks/main.yml b/roles/x509/acmetool/cert/prepare/tasks/main.yml index 2db332b8..df034e9d 100644 --- a/roles/x509/acmetool/cert/prepare/tasks/main.yml +++ b/roles/x509/acmetool/cert/prepare/tasks/main.yml @@ -47,13 +47,13 @@ - name: install custom hook script template: src: reload.sh.j2 - dest: "/etc/acme/hooks/{{ x509_certificate_name }}" + dest: "/etc/acme/hooks/{{ acmetool_cert_name }}" mode: 0755 - name: install acmetool systemd unit snippet when: "'install' in x509_certificate_renewal" copy: - dest: "/etc/systemd/system/acmetool.service.d/{{ x509_certificate_name }}.conf" + dest: "/etc/systemd/system/acmetool.service.d/{{ acmetool_cert_name }}.conf" content: | [Service] {% for path in (x509_certificate_renewal.install | map(attribute='dest') | map('dirname') | unique | list) %} @@ -64,15 +64,15 @@ - name: remove acmetool systemd unit snippet when: "'install' not in x509_certificate_renewal" file: - path: "/etc/systemd/system/acmetool.service.d/{{ x509_certificate_name }}.conf" + path: "/etc/systemd/system/acmetool.service.d/{{ acmetool_cert_name }}.conf" state: absent notify: reload systemd - name: remove custom renewal script when: x509_certificate_renewal is not defined loop: - - "/etc/systemd/system/acmetool.service.d/{{ x509_certificate_name }}.conf" - - "/etc/acme/hooks/{{ x509_certificate_name }}" + - "/etc/systemd/system/acmetool.service.d/{{ acmetool_cert_name }}.conf" + - "/etc/acme/hooks/{{ acmetool_cert_name }}" file: path: "{{ item }}" state: absent diff --git a/roles/x509/uacme/cert/prepare/tasks/main.yml b/roles/x509/uacme/cert/prepare/tasks/main.yml index a83651b3..c1420369 100644 --- a/roles/x509/uacme/cert/prepare/tasks/main.yml +++ b/roles/x509/uacme/cert/prepare/tasks/main.yml @@ -96,7 +96,7 @@ - name: install systemd unit snippet when: "x509_certificate_renewal is defined and 'install' in x509_certificate_renewal" copy: - dest: "/etc/systemd/system/uacme-reconcile.service.d/{{ x509_certificate_name }}.conf" + dest: "/etc/systemd/system/uacme-reconcile.service.d/{{ uacme_cert_name }}.conf" content: | [Service] {% for path in (x509_certificate_renewal.install | map(attribute='dest') | map('dirname') | unique | list) %} @@ -107,6 +107,6 @@ - name: remove systemd unit snippet when: "x509_certificate_renewal is undefined or 'install' not in x509_certificate_renewal" file: - path: "/etc/systemd/system/uacme-reconcile.service.d/{{ x509_certificate_name }}.conf" + path: "/etc/systemd/system/uacme-reconcile.service.d/{{ uacme_cert_name }}.conf" state: absent notify: reload systemd |