authorChristian Pointner <equinox@spreadspace.org>2023-12-20 00:12:57 +0100
committerChristian Pointner <equinox@spreadspace.org>2023-12-20 00:12:57 +0100
commite004236b4cfa9735cc898ea372dcb99c199dd4b4 (patch)
tree497e1e3dcbb7a223f2e5aaa9b5800319c03dd5d1 /roles/x509/static-ca/cert/prepare/defaults/main.yml
parentadd mosquitto role (WIP) (diff)
rename: x509/ownca to x509/static-ca
Diffstat (limited to 'roles/x509/static-ca/cert/prepare/defaults/main.yml')
-rw-r--r--roles/x509/static-ca/cert/prepare/defaults/main.yml56
1 files changed, 56 insertions, 0 deletions
diff --git a/roles/x509/static-ca/cert/prepare/defaults/main.yml b/roles/x509/static-ca/cert/prepare/defaults/main.yml
new file mode 100644
index 00000000..5287cc93
--- /dev/null
+++ b/roles/x509/static-ca/cert/prepare/defaults/main.yml
@@ -0,0 +1,56 @@
+---
+static_ca_cert_hostnames: "{{ x509_certificate_hostnames }}"
+static_ca_cert_name: "{{ x509_certificate_name | default(static_ca_cert_hostnames[0]) }}"
+
+static_ca_cert_base_dir: "/etc/ssl"
+
+static_ca_cert_default_renew_margin: "+30d"
+static_ca_cert_config: "{{ x509_certificate_config }}"
+# static_ca_cert_config:
+# path: "{{ static_ca_cert_base_dir }}/{{ static_ca_cert_name }}"
+# mode: "0750"
+# owner: root
+# group: www-data
+# ca:
+# key_content: |
+# -----BEGIN RSA PRIVATE KEY-----
+# ...
+# -----END RSA PRIVATE KEY-----
+# cert_content: |
+# -----BEGIN CERTIFICATE-----
+# ...
+# -----END CERTIFICATE-----
+# key:
+# mode: "0640"
+# owner: root
+# group: www-data
+# type: RSA
+# size: 4096
+# cert:
+# mode: "0644"
+# owner: root
+# group: www-data
+# common_name: foo
+# san_extra:
+# - "IP:192.0.2.1"
+# country_name: "AT"
+# locality_name: "Graz"
+# organization_name: "spreadspace"
+# organizational_unit_name: "ansible"
+# state_or_province_name: "Styria"
+# basic_constraints:
+# - "CA:TRUE"
+# - "pathLenConstraint:0"
+# basic_constraints_critical: no
+# key_usage:
+# - digitalSignature
+# - keyAgreement
+# key_usage_critical: yes
+# extended_key_usage:
+# - serverAuth
+# extended_key_usage_critical: yes
+# create_subject_key_identifier: yes
+# digest: SHA256
+# not_before: +0h
+# not_after: +520w
+# renew_margin: +42d
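Review bot: The commented example sets `basic_constraints` to `"CA:TRUE"` and `basic_constraints_critical: no` in what appears to be the `cert:` section, although the same example describes a server certificate (`extended_key_usage: serverAuth`, no `keyCertSign` in `key_usage`). Anyone who copies it gets a leaf certificate that claims to be a CA, which a lenient validator may accept as an issuer. The example should read `# - "CA:FALSE"` with `# basic_constraints_critical: yes`. The `ca:` example also shows `key_content` as an inline private key block, so a comment above it such as `# key_content: keep the CA private key in an Ansible Vault encrypted variable, never in plain text` would make the expected handling explicit. The nesting of the example is inferred from key order, because the indentation of the commented lines is not visible on this page.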