Diffstat (limited to 'roles/apps/whawty/auth/instance/tasks/main.yml')
-rw-r--r--roles/apps/whawty/auth/instance/tasks/main.yml23
1 files changed, 23 insertions, 0 deletions
diff --git a/roles/apps/whawty/auth/instance/tasks/main.yml b/roles/apps/whawty/auth/instance/tasks/main.yml
index 8bada57c..2c3fc175 100644
--- a/roles/apps/whawty/auth/instance/tasks/main.yml
+++ b/roles/apps/whawty/auth/instance/tasks/main.yml
@@ -62,6 +62,29 @@
include_role:
name: "x509/{{ whawty_auth_instances[whawty_auth_instance].publish.zone.certificate_provider }}/cert"
+- name: generate/install TLS certificates for ldap
+ when:
+ - "'ldap' in whawty_auth_instances[whawty_auth_instance]"
+ - "'tls' in whawty_auth_instances[whawty_auth_instance].ldap"
+ vars:
+ x509_certificate_name: "whawty-auth-{{ whawty_auth_instance }}_ldap"
+ x509_certificate_hostnames: "{{ whawty_auth_instances[whawty_auth_instance].ldap.hostnames }}"
+ x509_certificate_config: "{{ whawty_auth_instances[whawty_auth_instance].ldap.tls.certificate_config }}"
+ x509_certificate_renewal:
+ install:
+ - dest: "{{ whawty_auth_instance_basepath }}/tls/ldap-crt.pem"
+ src:
+ - fullchain
+ owner: app
+ mode: "0444"
+ - dest: "{{ whawty_auth_instance_basepath }}/tls/ldap-key.pem"
+ src:
+ - key
+ owner: app
+ mode: "0400"
+ include_role:
+ name: "x509/{{ whawty_auth_instances[whawty_auth_instance].ldap.tls.certificate_provider }}/cert"
+
- name: generate app listener config
template:
src: listener.yml.j2
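Review bot: The `x509_certificate_renewal` block in the new LDAP task lists only `install` targets, so nothing visible in this hunk makes the whawty-auth instance pick up a renewed `ldap-crt.pem` or `ldap-key.pem`. Unless the app re-reads the files itself or the x509 role handles this elsewhere, the LDAP listener would presumably keep serving the old certificate until its next restart; this is worth confirming and recording in a comment such as `# renewal only replaces the files; the instance must be reloaded to serve the new cert`. The `when:` conditions check only that `ldap` and `ldap.tls` exist, while the vars also dereference `ldap.hostnames`, `ldap.tls.certificate_config` and `ldap.tls.certificate_provider`, so a missing key would surface as an undefined-variable error in the `include_role` name rather than a clear message; an up-front `assert` on those keys would help. The key file is installed as owner `app` with mode `"0400"` and no `group`, so its group depends on the x509 role's default, which is not shown here.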