some more tests with new x509/certifcate roles

author: Christian Pointner <equinox@spreadspace.org> 2023-08-17 23:23:38 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2023-08-20 22:12:03 +0200
commit: cc8d08920bfb43eabbb075b42eaad76e6e0be203 (patch)
tree: c63713c1c8bc9a38895cd7e83e8fb63a059bd215 /dan
parent: uacme: add automatic refresh timer/service (diff)
1 files changed, 7 insertions, 31 deletions
diff --git a/dan/sk-testvm.yml b/dan/sk-testvm.yml
index 39835fad..bffb2c9b 100644
--- a/dan/sk-testvm.yml
+++ b/dan/sk-testvm.yml
@@ -11,11 +11,11 @@
 - name: Payload Setup
   hosts: sk-testvm
   vars:
-    acme_client: uacme
+    # acme_client: uacme
     # acme_client: acmetool
-    cert_provider: "{{ acme_client }}"
+    # cert_provider: "{{ acme_client }}"
     # cert_provider: static
-    # cert_provider: selfsigned
+    cert_provider: selfsigned
   roles:
   - role: "x509/{{ cert_provider }}/base"
   - role: nginx/base
@@ -58,20 +58,8 @@
           '/':
             root: /var/www/default
             index: index.html
-      # static_cert_config: "{{ static_cert_config__default }}"
-      # selfsigned_cert_config:
-      #   cert:
-      #     organization_name: "elev8"
-      #     organizational_unit_name: "ansible"
-      #     key_usage:
-      #     - digitalSignature
-      #     - keyAgreement
-      #     key_usage_critical: yes
-      #     extended_key_usage:
-      #     - serverAuth
-      #     extended_key_usage_critical: yes
-      #     create_subject_key_identifier: yes
-      #     not_after: +1000w
+      static_cert_config: "{{ static_cert_config__default }}"
+      selfsigned_cert_config: "{{ selfsigned_cert_config__default }}"
     include_role:
       name: nginx/vhost
 
@@ -108,19 +96,7 @@
           '/':
             root: /var/www/test
             index: index.html
-      # static_cert_config: "{{ static_cert_config__test }}"
-      # selfsigned_cert_config:
-      #   cert:
-      #     organization_name: "spreadspace"
-      #     organizational_unit_name: "ansible"
-      #     key_usage:
-      #     - digitalSignature
-      #     - keyAgreement
-      #     key_usage_critical: yes
-      #     extended_key_usage:
-      #     - serverAuth
-      #     extended_key_usage_critical: yes
-      #     create_subject_key_identifier: yes
-      #     not_after: +100w
+      static_cert_config: "{{ static_cert_config__test }}"
+      selfsigned_cert_config: "{{ selfsigned_cert_config__test }}"
     include_role:
       name: nginx/vhost
author	Christian Pointner <equinox@spreadspace.org>	2023-08-17 23:23:38 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2023-08-20 22:12:03 +0200
commit	cc8d08920bfb43eabbb075b42eaad76e6e0be203 (patch)
tree	c63713c1c8bc9a38895cd7e83e8fb63a059bd215 /dan
parent	uacme: add automatic refresh timer/service (diff)