From 5756978238ad7b7f2fe8dc46d511cfbd5245c0c3 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Wed, 16 Aug 2023 23:38:07 +0200
Subject: uacme roles almost done

---
 dan/sk-testvm.yml | 59 ++++++++++++++++++++++++++++---------------------------
 1 file changed, 30 insertions(+), 29 deletions(-)

(limited to 'dan/sk-testvm.yml')

diff --git a/dan/sk-testvm.yml b/dan/sk-testvm.yml
index de8e66ba..39835fad 100644
--- a/dan/sk-testvm.yml
+++ b/dan/sk-testvm.yml
@@ -11,9 +11,11 @@
 - name: Payload Setup
   hosts: sk-testvm
   vars:
-    # cert_provider: acmetool
+    acme_client: uacme
+    # acme_client: acmetool
+    cert_provider: "{{ acme_client }}"
     # cert_provider: static
-    cert_provider: selfsigned
+    # cert_provider: selfsigned
   roles:
   - role: "x509/{{ cert_provider }}/base"
   - role: nginx/base
@@ -57,20 +59,19 @@
             root: /var/www/default
             index: index.html
       # static_cert_config: "{{ static_cert_config__default }}"
-      selfsigned_cert_config:
-        cert:
-          organization_name: "elev8"
-          organizational_unit_name: "ansible"
-          key_usage:
-          - digitalSignature
-          - keyAgreement
-          key_usage_critical: yes
-          extended_key_usage:
-          - serverAuth
-          extended_key_usage_critical: yes
-          create_subject_key_identifier: yes
-          not_after: +1000w
-
+      # selfsigned_cert_config:
+      #   cert:
+      #     organization_name: "elev8"
+      #     organizational_unit_name: "ansible"
+      #     key_usage:
+      #     - digitalSignature
+      #     - keyAgreement
+      #     key_usage_critical: yes
+      #     extended_key_usage:
+      #     - serverAuth
+      #     extended_key_usage_critical: yes
+      #     create_subject_key_identifier: yes
+      #     not_after: +1000w
     include_role:
       name: nginx/vhost
 
@@ -108,18 +109,18 @@
             root: /var/www/test
             index: index.html
       # static_cert_config: "{{ static_cert_config__test }}"
-      selfsigned_cert_config:
-        cert:
-          organization_name: "spreadspace"
-          organizational_unit_name: "ansible"
-          key_usage:
-          - digitalSignature
-          - keyAgreement
-          key_usage_critical: yes
-          extended_key_usage:
-          - serverAuth
-          extended_key_usage_critical: yes
-          create_subject_key_identifier: yes
-          not_after: +100w
+      # selfsigned_cert_config:
+      #   cert:
+      #     organization_name: "spreadspace"
+      #     organizational_unit_name: "ansible"
+      #     key_usage:
+      #     - digitalSignature
+      #     - keyAgreement
+      #     key_usage_critical: yes
+      #     extended_key_usage:
+      #     - serverAuth
+      #     extended_key_usage_critical: yes
+      #     create_subject_key_identifier: yes
+      #     not_after: +100w
     include_role:
       name: nginx/vhost
-- 
cgit v1.2.3