authorChristian Pointner <equinox@spreadspace.org>2022-12-22 13:01:30 +0100
committerChristian Pointner <equinox@spreadspace.org>2022-12-22 13:01:30 +0100
commit18e0446c9c545f396d7737b406e6e207748e7926 (patch)
treef3f07876c819a4fb9845c6a098adfa9553ed7819 /roles/x509/acmetool/cert
parentadd prometheus snmp exporter (diff)
move acmetool to new x509 subdir
Diffstat (limited to 'roles/x509/acmetool/cert')
-rw-r--r--roles/x509/acmetool/cert/defaults/main.yml2
-rw-r--r--roles/x509/acmetool/cert/filter_plugins/acme_certs.py24
-rw-r--r--roles/x509/acmetool/cert/handlers/main.yml6
-rw-r--r--roles/x509/acmetool/cert/tasks/main.yml10
4 files changed, 42 insertions, 0 deletions
diff --git a/roles/x509/acmetool/cert/defaults/main.yml b/roles/x509/acmetool/cert/defaults/main.yml
new file mode 100644
index 00000000..ab0afaa3
--- /dev/null
+++ b/roles/x509/acmetool/cert/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+acmetool_reconcile_disabled: false
diff --git a/roles/x509/acmetool/cert/filter_plugins/acme_certs.py b/roles/x509/acmetool/cert/filter_plugins/acme_certs.py
new file mode 100644
index 00000000..179f71e9
--- /dev/null
+++ b/roles/x509/acmetool/cert/filter_plugins/acme_certs.py
@@ -0,0 +1,24 @@
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+from functools import partial
+
+from ansible import errors
+
+
+def acme_cert_nonexistent(data, hostnames):
+ try:
+ return [hostnames[i] for i, d in enumerate(data) if d['stat']['exists'] == False]
+ except Exception as e:
+ raise errors.AnsibleFilterError("acme_cert_nonexistent(): %s" % str(e))
+
+
+class FilterModule(object):
+
+ ''' acme certificate filters '''
+ filter_map = {
+ 'acme_cert_nonexistent': acme_cert_nonexistent,
+ }
+
+ def filters(self):
+ return self.filter_map
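Review bot: The comprehension in `acme_cert_nonexistent` pairs `data` with `hostnames` purely by index, so if `hostnames` is longer than `data` the trailing names are silently never reported as missing, and a shorter `hostnames` only shows up as a wrapped IndexError. An explicit check ahead of the `try`, `if len(data) != len(hostnames): raise errors.AnsibleFilterError("acme_cert_nonexistent(): result/hostname count mismatch")`, would make that failure clear. The test `d['stat']['exists'] == False` reads better as `not d['stat']['exists']`, and the `partial` import is unused in the file as shown. A one-line docstring should state that `data` is a list of stat results in the same order as `hostnames`; presumably that is the `results` of a looped stat task, which the hunk does not show.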
diff --git a/roles/x509/acmetool/cert/handlers/main.yml b/roles/x509/acmetool/cert/handlers/main.yml
new file mode 100644
index 00000000..08892c18
--- /dev/null
+++ b/roles/x509/acmetool/cert/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: reconcile acmetool
+ when: not acmetool_reconcile_disabled
+ ansible.builtin.systemd:
+ name: acmetool.service
+ state: started
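Review bot: The `reconcile acmetool` handler only asks for `state: started`, so it is a no-op whenever systemd already considers `acmetool.service` active, and a newly written desired file would then not be reconciled. That is fine if the unit is a oneshot without `RemainAfterExit`, but the unit file is not part of this commit, so this cannot be confirmed from here. A comment above the task would record the assumption, for example `# acmetool.service is expected to be a oneshot unit: starting it runs one reconcile pass`.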
diff --git a/roles/x509/acmetool/cert/tasks/main.yml b/roles/x509/acmetool/cert/tasks/main.yml
new file mode 100644
index 00000000..e97aab84
--- /dev/null
+++ b/roles/x509/acmetool/cert/tasks/main.yml
@@ -0,0 +1,10 @@
+---
+- name: add acmetool desired file
+ vars:
+ acmetool_cert_satisfy:
+ satisfy:
+ names: "{{ acmetool_cert_hostnames | default([acmetool_cert_name]) }}"
+ ansible.builtin.copy:
+ content: "{{ acmetool_cert_config | default({}) | combine(acmetool_cert_satisfy) | to_nice_yaml }}"
+ dest: "/var/lib/acme/desired/{{ acmetool_cert_name }}"
+ notify: reconcile acmetool
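Review bot: The `ansible.builtin.copy` task sets no `mode`, so the permissions of the desired file depend on the umask of the connecting user; adding `mode: "0644"` (or whatever the acmetool state directory expects) makes the result deterministic. `acmetool_cert_name` is also interpolated straight into `dest`, so a value containing `/` or `..` would write outside `/var/lib/acme/desired/`. If the name can come from anything other than trusted inventory, a preceding `ansible.builtin.assert` on its format would be worth adding. Note too that `combine(acmetool_cert_satisfy)` is non-recursive, so any `satisfy` key supplied in `acmetool_cert_config` is replaced wholesale; a short comment saying this is intended would help.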