diff options
author | Christian Pointner <equinox@spreadspace.org> | 2023-09-21 18:10:50 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2023-09-21 18:10:50 +0200 |
commit | 939ceb893388e9eeaaaa9b0c53da57c72008bc3a (patch) | |
tree | a634dc21e07101bbcc25a7322e7ac26c06f07f36 /roles/x509/uacme | |
parent | grafana: fix race condition for admin password check after first start (diff) |
uacme: eab hmac key is most likely already encoded and doesn't need additional encoding
Diffstat (limited to 'roles/x509/uacme')
-rw-r--r-- | roles/x509/uacme/base/filter_plugins/uacme.py | 26 | ||||
-rw-r--r-- | roles/x509/uacme/base/tasks/main.yml | 2 |
2 files changed, 1 insertions, 27 deletions
diff --git a/roles/x509/uacme/base/filter_plugins/uacme.py b/roles/x509/uacme/base/filter_plugins/uacme.py deleted file mode 100644 index 07a87db5..00000000 --- a/roles/x509/uacme/base/filter_plugins/uacme.py +++ /dev/null @@ -1,26 +0,0 @@ -from __future__ import (absolute_import, division, print_function) -__metaclass__ = type - -from functools import partial -from base64 import urlsafe_b64encode - -from ansible import errors -from ansible.module_utils.common.text import formatters -from ansible.module_utils._text import to_bytes, to_text - - -def uacme_eab_param(eab): - try: - return "%s:%s" % (eab['keyid'], to_text(urlsafe_b64encode(to_bytes(eab['key'], errors='surrogate_or_strict'))).strip("=")) - except Exception as e: - raise errors.AnsibleFilterError("uacme_eab_param(): %s" % str(e)) - - -class FilterModule(object): - - filter_map = { - 'uacme_eab_param': uacme_eab_param, - } - - def filters(self): - return self.filter_map diff --git a/roles/x509/uacme/base/tasks/main.yml b/roles/x509/uacme/base/tasks/main.yml index f52c3cf0..34f91950 100644 --- a/roles/x509/uacme/base/tasks/main.yml +++ b/roles/x509/uacme/base/tasks/main.yml @@ -7,7 +7,7 @@ state: present - name: create acme account key - command: "uacme -c /var/lib/uacme.d -a '{{ uacme_directory_server }}' -y{% if uacme_eab is defined %} -e '{{ uacme_eab | uacme_eab_param }}'{% endif %} new '{{ uacme_account_email }}'" + command: "uacme -c /var/lib/uacme.d -a '{{ uacme_directory_server }}' -y{% if uacme_eab is defined %} -e '{{ uacme_eab.keyid }}:{{ uacme_eab.key }}'{% endif %} new '{{ uacme_account_email }}'" args: creates: /var/lib/uacme.d/private/key.pem |