diff options
author | Christian Pointner <equinox@spreadspace.org> | 2024-02-01 00:03:13 +0100 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2024-02-01 00:03:13 +0100 |
commit | b168f3f3e267f17b6a435cec5c145e4a67caca12 (patch) | |
tree | ae451577e26971b595e71cecbbcf28235ce3f306 /roles/apps/whawty/auth/instance/tasks/main.yml | |
parent | apps/whawty: switch to new 0.3 release candidate (diff) |
apps/whawty/auth: add ldap listener
Diffstat (limited to 'roles/apps/whawty/auth/instance/tasks/main.yml')
-rw-r--r-- | roles/apps/whawty/auth/instance/tasks/main.yml | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/roles/apps/whawty/auth/instance/tasks/main.yml b/roles/apps/whawty/auth/instance/tasks/main.yml index 8bada57c..2c3fc175 100644 --- a/roles/apps/whawty/auth/instance/tasks/main.yml +++ b/roles/apps/whawty/auth/instance/tasks/main.yml @@ -62,6 +62,29 @@ include_role: name: "x509/{{ whawty_auth_instances[whawty_auth_instance].publish.zone.certificate_provider }}/cert" +- name: generate/install TLS certificates for ldap + when: + - "'ldap' in whawty_auth_instances[whawty_auth_instance]" + - "'tls' in whawty_auth_instances[whawty_auth_instance].ldap" + vars: + x509_certificate_name: "whawty-auth-{{ whawty_auth_instance }}_ldap" + x509_certificate_hostnames: "{{ whawty_auth_instances[whawty_auth_instance].ldap.hostnames }}" + x509_certificate_config: "{{ whawty_auth_instances[whawty_auth_instance].ldap.tls.certificate_config }}" + x509_certificate_renewal: + install: + - dest: "{{ whawty_auth_instance_basepath }}/tls/ldap-crt.pem" + src: + - fullchain + owner: app + mode: "0444" + - dest: "{{ whawty_auth_instance_basepath }}/tls/ldap-key.pem" + src: + - key + owner: app + mode: "0400" + include_role: + name: "x509/{{ whawty_auth_instances[whawty_auth_instance].ldap.tls.certificate_provider }}/cert" + - name: generate app listener config template: src: listener.yml.j2 |