uacme roles almost done

author: Christian Pointner <equinox@spreadspace.org> 2023-08-16 23:38:07 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2023-08-20 22:12:03 +0200
commit: 5756978238ad7b7f2fe8dc46d511cfbd5245c0c3 (patch)
tree: 11c7adc7de6f7a566f870fedce50e39fb27756ee /dan
parent: add role: x509/selfsigned (diff)
1 files changed, 30 insertions, 29 deletions
diff --git a/dan/sk-testvm.yml b/dan/sk-testvm.yml
index de8e66ba..39835fad 100644
--- a/dan/sk-testvm.yml
+++ b/dan/sk-testvm.yml
@@ -11,9 +11,11 @@
 - name: Payload Setup
   hosts: sk-testvm
   vars:
-    # cert_provider: acmetool
+    acme_client: uacme
+    # acme_client: acmetool
+    cert_provider: "{{ acme_client }}"
     # cert_provider: static
-    cert_provider: selfsigned
+    # cert_provider: selfsigned
   roles:
   - role: "x509/{{ cert_provider }}/base"
   - role: nginx/base
@@ -57,20 +59,19 @@
             root: /var/www/default
             index: index.html
       # static_cert_config: "{{ static_cert_config__default }}"
-      selfsigned_cert_config:
-        cert:
-          organization_name: "elev8"
-          organizational_unit_name: "ansible"
-          key_usage:
-          - digitalSignature
-          - keyAgreement
-          key_usage_critical: yes
-          extended_key_usage:
-          - serverAuth
-          extended_key_usage_critical: yes
-          create_subject_key_identifier: yes
-          not_after: +1000w
-
+      # selfsigned_cert_config:
+      #   cert:
+      #     organization_name: "elev8"
+      #     organizational_unit_name: "ansible"
+      #     key_usage:
+      #     - digitalSignature
+      #     - keyAgreement
+      #     key_usage_critical: yes
+      #     extended_key_usage:
+      #     - serverAuth
+      #     extended_key_usage_critical: yes
+      #     create_subject_key_identifier: yes
+      #     not_after: +1000w
     include_role:
       name: nginx/vhost
 
@@ -108,18 +109,18 @@
             root: /var/www/test
             index: index.html
       # static_cert_config: "{{ static_cert_config__test }}"
-      selfsigned_cert_config:
-        cert:
-          organization_name: "spreadspace"
-          organizational_unit_name: "ansible"
-          key_usage:
-          - digitalSignature
-          - keyAgreement
-          key_usage_critical: yes
-          extended_key_usage:
-          - serverAuth
-          extended_key_usage_critical: yes
-          create_subject_key_identifier: yes
-          not_after: +100w
+      # selfsigned_cert_config:
+      #   cert:
+      #     organization_name: "spreadspace"
+      #     organizational_unit_name: "ansible"
+      #     key_usage:
+      #     - digitalSignature
+      #     - keyAgreement
+      #     key_usage_critical: yes
+      #     extended_key_usage:
+      #     - serverAuth
+      #     extended_key_usage_critical: yes
+      #     create_subject_key_identifier: yes
+      #     not_after: +100w
     include_role:
       name: nginx/vhost
author	Christian Pointner <equinox@spreadspace.org>	2023-08-16 23:38:07 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2023-08-20 22:12:03 +0200
commit	5756978238ad7b7f2fe8dc46d511cfbd5245c0c3 (patch)
tree	11c7adc7de6f7a566f870fedce50e39fb27756ee /dan
parent	add role: x509/selfsigned (diff)