From 939ceb893388e9eeaaaa9b0c53da57c72008bc3a Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Thu, 21 Sep 2023 18:10:50 +0200
Subject: uacme: eab hmac key is most likely already encoded and doesn't need
 additional encoding

---
 roles/x509/uacme/base/filter_plugins/uacme.py | 26 --------------------------
 roles/x509/uacme/base/tasks/main.yml          |  2 +-
 2 files changed, 1 insertion(+), 27 deletions(-)
 delete mode 100644 roles/x509/uacme/base/filter_plugins/uacme.py

diff --git a/roles/x509/uacme/base/filter_plugins/uacme.py b/roles/x509/uacme/base/filter_plugins/uacme.py
deleted file mode 100644
index 07a87db5..00000000
--- a/roles/x509/uacme/base/filter_plugins/uacme.py
+++ /dev/null
@@ -1,26 +0,0 @@
-from __future__ import (absolute_import, division, print_function)
-__metaclass__ = type
-
-from functools import partial
-from base64 import urlsafe_b64encode
-
-from ansible import errors
-from ansible.module_utils.common.text import formatters
-from ansible.module_utils._text import to_bytes, to_text
-
-
-def uacme_eab_param(eab):
-    try:
-        return "%s:%s" % (eab['keyid'], to_text(urlsafe_b64encode(to_bytes(eab['key'], errors='surrogate_or_strict'))).strip("="))
-    except Exception as e:
-        raise errors.AnsibleFilterError("uacme_eab_param(): %s" % str(e))
-
-
-class FilterModule(object):
-
-    filter_map = {
-        'uacme_eab_param': uacme_eab_param,
-    }
-
-    def filters(self):
-        return self.filter_map
diff --git a/roles/x509/uacme/base/tasks/main.yml b/roles/x509/uacme/base/tasks/main.yml
index f52c3cf0..34f91950 100644
--- a/roles/x509/uacme/base/tasks/main.yml
+++ b/roles/x509/uacme/base/tasks/main.yml
@@ -7,7 +7,7 @@
     state: present
 
 - name: create acme account key
-  command: "uacme -c /var/lib/uacme.d -a '{{ uacme_directory_server }}' -y{% if uacme_eab is defined %} -e '{{ uacme_eab | uacme_eab_param }}'{% endif %} new '{{ uacme_account_email }}'"
+  command: "uacme -c /var/lib/uacme.d -a '{{ uacme_directory_server }}' -y{% if uacme_eab is defined %} -e '{{ uacme_eab.keyid }}:{{ uacme_eab.key }}'{% endif %} new '{{ uacme_account_email }}'"
   args:
     creates: /var/lib/uacme.d/private/key.pem
 
-- 
cgit v1.2.3