Diffstat (limited to 'roles/apps/publish/base/tasks')
-rw-r--r--roles/apps/publish/base/tasks/main.yml21
1 files changed, 21 insertions, 0 deletions
diff --git a/roles/apps/publish/base/tasks/main.yml b/roles/apps/publish/base/tasks/main.yml
new file mode 100644
index 00000000..9384b53f
--- /dev/null
+++ b/roles/apps/publish/base/tasks/main.yml
@@ -0,0 +1,21 @@
+---
+- name: generate/install TLS client certificate
+ loop: "{{ hostvars[inventory_hostname] | apps_publish_zones }}"
+ loop_control:
+ label: "{{ item.name }}"
+ vars:
+ x509_certificate_name: "apps-publish-{{ item.name }}"
+ x509_certificate_hostnames: []
+ x509_certificate_config:
+ ca: "{{ item.certificate_ca_config }}"
+ cert:
+ common_name: "{{ inventory_hostname }}"
+ extended_key_usage:
+ - clientAuth
+ extended_key_usage_critical: yes
+ create_subject_key_identifier: yes
+ not_after: +100w
+ x509_certificate_reload_services:
+ - nginx
+ include_role:
+ name: "x509/{{ item.certificate_provider }}/cert"
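Review bot: `not_after: +100w` in the `cert` block gives each `clientAuth` certificate a lifetime of almost two years, and nothing visible in this task shows how it is renewed or revoked before it expires. If the `x509/<provider>/cert` roles do not re-issue on a later run (they are outside this diff, so this needs confirming), a key copied off the host remains usable against the publish zone for the whole period. Consider making the lifetime overridable with a shorter default, for example `not_after: "{{ item.certificate_not_after | default('+100w') }}"`, and add a comment above the task saying what rotates the certificate. The role path is built from `item.certificate_provider`, so a short comment listing the supported provider values would also help. As a style point, `extended_key_usage_critical: yes` and `create_subject_key_identifier: yes` would be better written as `true`.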