uacme roles almost done

author: Christian Pointner <equinox@spreadspace.org> 2023-08-16 23:38:07 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2023-08-20 22:12:03 +0200
commit: 5756978238ad7b7f2fe8dc46d511cfbd5245c0c3 (patch)
tree: 11c7adc7de6f7a566f870fedce50e39fb27756ee /roles/x509/uacme/base/tasks/main.yml
parent: add role: x509/selfsigned (diff)
1 files changed, 7 insertions, 4 deletions
diff --git a/roles/x509/uacme/base/tasks/main.yml b/roles/x509/uacme/base/tasks/main.yml
index 3d1c8404..9d67e0e7 100644
--- a/roles/x509/uacme/base/tasks/main.yml
+++ b/roles/x509/uacme/base/tasks/main.yml
@@ -7,7 +7,7 @@
     state: present
 
 - name: create acme account key
-  command: "uacme -c /var/lib/uacme.d -a '{{ uacme_directory_server }}' -y new '{{ uacme_account_email }}'"
+  command: "uacme -c /var/lib/uacme.d -a '{{ uacme_directory_server }}' -y{% if uacme_eab is defined %} -e {{ uacme_eab }}{% endif %} new '{{ uacme_account_email }}'"
   args:
     creates: /var/lib/uacme.d/private/key.pem
 
@@ -44,7 +44,10 @@
         alias {{ uacme_challenge_webroot_path | default('/var/run/acme/acme-challenge') }}/;
       }
 
-- name: generate selfsigned interim certificate
-  include_tasks: selfsigned.yml
+- name: install reconcile script
+  template:
+    src: uacme-reconcile.sh.j2
+    dest: /usr/local/bin/uacme-reconcile.sh
+    mode: 0755
 
-## TODO: add global automatic refresher?
+## TODO: add systemd units for automatic refreshing
author	Christian Pointner <equinox@spreadspace.org>	2023-08-16 23:38:07 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2023-08-20 22:12:03 +0200
commit	5756978238ad7b7f2fe8dc46d511cfbd5245c0c3 (patch)
tree	11c7adc7de6f7a566f870fedce50e39fb27756ee /roles/x509/uacme/base/tasks/main.yml
parent	add role: x509/selfsigned (diff)