diff options
author | Christian Pointner <equinox@spreadspace.org> | 2023-08-16 03:33:05 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2023-08-20 22:12:03 +0200 |
commit | 7d3f6ae25ce4a5d6e14b3ec6d95cd54165e0a646 (patch) | |
tree | ddb74aba21cb028a06eb7a7d224ff26ed91935cf /dan | |
parent | add role: x509/static (diff) |
add role: x509/selfsigned
Diffstat (limited to 'dan')
-rw-r--r-- | dan/sk-testvm.yml | 35 |
1 files changed, 32 insertions, 3 deletions
diff --git a/dan/sk-testvm.yml b/dan/sk-testvm.yml index c66601cb..de8e66ba 100644 --- a/dan/sk-testvm.yml +++ b/dan/sk-testvm.yml @@ -11,7 +11,9 @@ - name: Payload Setup hosts: sk-testvm vars: - cert_provider: static + # cert_provider: acmetool + # cert_provider: static + cert_provider: selfsigned roles: - role: "x509/{{ cert_provider }}/base" - role: nginx/base @@ -54,7 +56,21 @@ '/': root: /var/www/default index: index.html - static_cert_config: "{{ static_cert_config__default }}" + # static_cert_config: "{{ static_cert_config__default }}" + selfsigned_cert_config: + cert: + organization_name: "elev8" + organizational_unit_name: "ansible" + key_usage: + - digitalSignature + - keyAgreement + key_usage_critical: yes + extended_key_usage: + - serverAuth + extended_key_usage_critical: yes + create_subject_key_identifier: yes + not_after: +1000w + include_role: name: nginx/vhost @@ -91,6 +107,19 @@ '/': root: /var/www/test index: index.html - static_cert_config: "{{ static_cert_config__test }}" + # static_cert_config: "{{ static_cert_config__test }}" + selfsigned_cert_config: + cert: + organization_name: "spreadspace" + organizational_unit_name: "ansible" + key_usage: + - digitalSignature + - keyAgreement + key_usage_critical: yes + extended_key_usage: + - serverAuth + extended_key_usage_critical: yes + create_subject_key_identifier: yes + not_after: +100w include_role: name: nginx/vhost |