x509: add new role managed-ca

1 files changed, 15 insertions, 0 deletions

diff --git a/roles/x509/managed-ca/cert/prepare/templates/updated.sh.j2 b/roles/x509/managed-ca/cert/prepare/templates/updated.sh.j2
new file mode 100644
index 00000000..f0757832
--- /dev/null
+++ b/roles/x509/managed-ca/cert/prepare/templates/updated.sh.j2
@@ -0,0 +1,15 @@
+#!/bin/sh
+{% if 'install' in x509_certificate_renewal %}
+{%   for file in x509_certificate_renewal.install %}
+
+install{% if 'mode' in file %} -m {{ file.mode }}{% endif %}{% if 'owner' in file %} -o {{ file.owner }}{% endif %}{% if 'group' in file %} -g {{ file.group }}{% endif %} /dev/null "{{ file.dest }}.new"
+{%     for src in file.src %}
+cat "{{ lookup('vars', 'x509_certificate_path_' + src) }}" >> "{{ file.dest }}.new"
+{%     endfor %}
+mv "{{ file.dest }}.new" "{{ file.dest }}"
+{%   endfor %}
+{% endif %}
+{% if 'reload' in x509_certificate_renewal %}
+
+{{ x509_certificate_renewal.reload | trim }}
+{% endif %}