authorChristian Pointner <equinox@spreadspace.org>2023-12-20 16:26:28 +0100
committerChristian Pointner <equinox@spreadspace.org>2023-12-20 16:26:28 +0100
commitbc001d962bccf2faff6eecfbbace44cc6d6e7a27 (patch)
tree3e6b8484493df8d62ad4785da3e629a838086707 /roles/mosquitto/tasks
parentx509: make ca-certificates accessable for role users (diff)
mosqitto: rename to mosquitto/broker and add mosquitto/client
Diffstat (limited to 'roles/mosquitto/tasks')
-rw-r--r--roles/mosquitto/tasks/main.yml77
1 files changed, 0 insertions, 77 deletions
diff --git a/roles/mosquitto/tasks/main.yml b/roles/mosquitto/tasks/main.yml
deleted file mode 100644
index 41b7dc7a..00000000
--- a/roles/mosquitto/tasks/main.yml
+++ /dev/null
@@ -1,77 +0,0 @@
----
-- name: install mosquitto
- apt:
- name:
- - mosquitto
- - mosquitto-clients
- state: present
-
-- name: install mosquitto acl files
- loop: "{{ mosquitto_acl_files | dict2items }}"
- loop_control:
- label: "{{ item.key }}"
- copy:
- content: |
- # Ansible managed
- {{ item.value }}
- dest: "/etc/mosquitto/{{ item.key }}.acl"
- notify: reload mosquitto
-
-- name: install mosquitto password files
- loop: "{{ mosquitto_password_files | dict2items }}"
- loop_control:
- label: "{{ item.key }}"
- copy:
- content: |
- {{ item.value }}
- dest: "/etc/mosquitto/{{ item.key }}.passwd"
- owner: root
- group: mosquitto
- mode: "0640"
- notify: reload mosquitto
-
-- name: generate Diffie-Hellman parameters
- when: (mosquitto_listeners | dict2items | selectattr('value.tls', 'defined') | length) > 0
- openssl_dhparam:
- path: /etc/mosquitto/certs/dhparams.pem
- size: 2048
- notify: reload mosquitto
-
-- name: generate/install/fetch TLS certificate
- loop: "{{ mosquitto_listeners | dict2items | selectattr('value.tls', 'defined') }}"
- loop_control:
- label: "{{ item.key }}"
- vars:
- x509_certificate_name: "mosquitto-{{ item.key }}"
- x509_certificate_hostnames: "{{ item.value.hostnames }}"
- x509_certificate_config: "{{ item.value.tls.certificate_config | default({}) }}"
- x509_certificate_renewal:
- install:
- - dest: "/etc/mosquitto/certs/{{ item.key }}-crt.pem"
- src:
- - fullchain
- owner: root
- group: mosquitto
- mode: "0644"
- - dest: "/etc/mosquitto/certs/{{ item.key }}-key.pem"
- src:
- - key
- owner: root
- group: mosquitto
- mode: "0640"
- - dest: "/etc/mosquitto/ca_certificates/{{ item.key }}-ca-crt.pem"
- src:
- - ca_cert
- owner: root
- group: mosquitto
- mode: "0644"
- x509_certificate_reload_services:
- - mosquitto
- include_role:
- name: "x509/{{ item.value.tls.certificate_provider }}/cert"
-
-- name: install mosquitto config
- template:
- src: config.j2
- dest: /etc/mosquitto/conf.d/main.conf
- notify: restart mosquitto