From 18e0446c9c545f396d7737b406e6e207748e7926 Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Thu, 22 Dec 2022 13:01:30 +0100
Subject: move acmetool to new x509 subdir
---
roles/x509/acmetool/cert/defaults/main.yml | 2 ++
.../acmetool/cert/filter_plugins/acme_certs.py | 24 ++++++++++++++++++++++
roles/x509/acmetool/cert/handlers/main.yml | 6 ++++++
roles/x509/acmetool/cert/tasks/main.yml | 10 +++++++++
4 files changed, 42 insertions(+)
create mode 100644 roles/x509/acmetool/cert/defaults/main.yml
create mode 100644 roles/x509/acmetool/cert/filter_plugins/acme_certs.py
create mode 100644 roles/x509/acmetool/cert/handlers/main.yml
create mode 100644 roles/x509/acmetool/cert/tasks/main.yml
(limited to 'roles/x509/acmetool/cert')
diff --git a/roles/x509/acmetool/cert/defaults/main.yml b/roles/x509/acmetool/cert/defaults/main.yml
new file mode 100644
index 00000000..ab0afaa3
--- /dev/null
+++ b/roles/x509/acmetool/cert/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+acmetool_reconcile_disabled: false
diff --git a/roles/x509/acmetool/cert/filter_plugins/acme_certs.py b/roles/x509/acmetool/cert/filter_plugins/acme_certs.py
new file mode 100644
index 00000000..179f71e9
--- /dev/null
+++ b/roles/x509/acmetool/cert/filter_plugins/acme_certs.py
@@ -0,0 +1,24 @@
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+from functools import partial
+
+from ansible import errors
+
+
+def acme_cert_nonexistent(data, hostnames):
+ try:
+ return [hostnames[i] for i, d in enumerate(data) if d['stat']['exists'] == False]
+ except Exception as e:
+ raise errors.AnsibleFilterError("acme_cert_nonexistent(): %s" % str(e))
+
+
+class FilterModule(object):
+
+ ''' acme certificate filters '''
+ filter_map = {
+ 'acme_cert_nonexistent': acme_cert_nonexistent,
+ }
+
+ def filters(self):
+ return self.filter_map
diff --git a/roles/x509/acmetool/cert/handlers/main.yml b/roles/x509/acmetool/cert/handlers/main.yml
new file mode 100644
index 00000000..08892c18
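Review bot: `acme_cert_nonexistent` indexes `hostnames[i]` by the position of each entry in `data` without checking that the two lists have the same length, so when `data` is shorter the trailing hostnames are silently left out of the result and a missing certificate goes unreported. I would fail closed on a mismatch before the `try` (so the error is not re-wrapped) and pair the lists explicitly: `if len(data) != len(hostnames): raise errors.AnsibleFilterError("acme_cert_nonexistent(): data and hostnames differ in length")`, then `return [h for h, d in zip(hostnames, data) if d['stat']['exists'] == False]`. An entry without a `stat` key (presumably a skipped or failed stat result) currently surfaces only as the bare key name in the error text, so naming the affected hostname there would make the failure easier to trace. `from functools import partial` is unused and can be dropped.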
--- /dev/null
+++ b/roles/x509/acmetool/cert/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: reconcile acmetool
+ when: not acmetool_reconcile_disabled
+ ansible.builtin.systemd:
+ name: acmetool.service
+ state: started
diff --git a/roles/x509/acmetool/cert/tasks/main.yml b/roles/x509/acmetool/cert/tasks/main.yml
new file mode 100644
index 00000000..e97aab84
--- /dev/null
+++ b/roles/x509/acmetool/cert/tasks/main.yml
@@ -0,0 +1,10 @@
+---
+- name: add acmetool desired file
+ vars:
+ acmetool_cert_satisfy:
+ satisfy:
+ names: "{{ acmetool_cert_hostnames | default([acmetool_cert_name]) }}"
+ ansible.builtin.copy:
+ content: "{{ acmetool_cert_config | default({}) | combine(acmetool_cert_satisfy) | to_nice_yaml }}"
+ dest: "/var/lib/acme/desired/{{ acmetool_cert_name }}"
+ notify: reconcile acmetool
-- cgit v1.2.3
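Review bot: `when: not acmetool_reconcile_disabled` tests the variable's raw truthiness, so a value that arrives as a string (for instance `-e acmetool_reconcile_disabled=false`) is non-empty, counts as true, and the handler is skipped even though reconciliation was meant to stay enabled. The desired file would then be written without acmetool being triggered, leaving the certificate unrequested until acmetool next runs on its own. Casting makes the intent explicit: `when: not (acmetool_reconcile_disabled | bool)`.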
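Review bot: The `ansible.builtin.copy` task sets no `mode`, `owner` or `group`, so the permissions of a newly created file under `/var/lib/acme/desired/` depend on the umask of the connecting user. Because this file determines which names acmetool requests certificates for, I would pin them, e.g. `owner: root`, `group: root`, `mode: "0644"` (adjust if the host runs acmetool under a dedicated account). `acmetool_cert_name` is also interpolated into `dest` as-is; a preceding `ansible.builtin.assert` that it contains no `/` would keep a malformed inventory value from writing outside the desired directory.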