Skip to content
This repository has been archived by the owner on Apr 25, 2020. It is now read-only.

jdauphant/ansible-role-ssl-certs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

56 Commits
defaults
defaults
 
 
meta
meta
 
 
tasks
tasks
 
 
templates
templates
 
 
.travis.yml
.travis.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ansible.cfg
ansible.cfg
 
 
test.yml
test.yml
 
 

Repository files navigation

ansible-role-ssl-certs

@jdauphant : I don't have time to manage anymore this role. Don't hesitate to fork and made your own version.

Generate and/or deploy SSL certificate

Available on Ansible Galaxy: jdauphant.ssl-certs

Examples

Example to generate a self-signed SSL certificate

 - hosts: all
   roles:
     - jdauphant.ssl-certs

This will create certificate and private key in:

  • /etc/ssl/myserver.mydomain.com.key
  • /etc/ssl/myserver.mydomain.com.pem

Example to deploy a SSL certificate

 - hosts: all
   roles:
    - role: jdauphant.ssl-certs
      ssl_certs_common_name: "example.com"

The certificate has to be placed in files/ssl/example.com.key and files/ssl/example.com.pem. If they don't exist, the key and a self-signed certificate will be generated at /etc/ssl/example.com/example.com.key and /etc/ssl/example.com/example.com.pem using the provided common name.

Example to deploy a SSL certificate using local key/pem files

 - hosts: all
   roles:
    - role: jdauphant.ssl-certs
      ssl_certs_local_privkey_path: '/path/to/example.com.key'
      ssl_certs_local_cert_path: '/path/to/example.com.pem'

Example to deploy a SSL certificate stored in variables

An SSL certificate and key are just text that can be stored as a variable, which is useful when using ansible vault.

Example variable data, note how the text blob is indented. This is needed to correctly insert the text via the template module.

ssl_certs_local_privkey_data: |
  -----BEGIN RSA PRIVATE KEY-----
  MIIEpQIBAAKCAQEAu2uhv2cjoN4F3arUZ5cDrwuxf3koCwrKSK75as0WZoxYrpyw
  Lyx9ldyD4nGabVep0R/uAgQ/HqEf2jC7WIvGcEq8bHB9PyEEWzT8IjKQX0YTc//4
  gkHBkpyU0fVrj5nkc30EIbcbH4RHRDwye4VhP/iCPchDG7OqvCyOdm8=
  -----END RSA PRIVATE KEY-----
ssl_certs_local_cert_data: |
  -----BEGIN CERTIFICATE-----
  MIIDmzCCAoOgAwIBAgIJAKWMlgLwrBzXMA0GCSqGSIb3DQEBCwUAMGQxCzAJBgNV
  QAL3naEfBSZBl0tBohuxn8Xd3yLPuKGUOk3pSL1IJy0Ca6p+QwjkaZUd9X3gf1V2
  SEfYSaGPvfIlSuHIshno
  -----END CERTIFICATE-----

Then simply include the role as in the first example.

Example to use this role with my Nginx role: jdauphant.nginx

 - hosts: all
   roles:
     - role: jdauphant.ssl-certs
       ssl_certs_generate_dh_param: true
     - role: jdauphant.nginx
       nginx_configs:
          ssl:
               - ssl_certificate_key {{ssl_certs_privkey_path}}
               - ssl_certificate     {{ssl_certs_cert_path}}
               - ssl_dhparam         {{ssl_certs_dhparam_path}}
       nginx_sites:
          default:
               - listen 443 ssl
               - server_name _
               - root "/usr/share/nginx/html"
               - index index.html

About

Generate and/or deploy SSL certificate

Topics

nginx ssl ansible ansible-role

Resources

Readme

License

BSD-2-Clause license
Activity

Stars

127 stars

Watchers

7 watching

Forks

63 forks
Report repository

Releases 17

v1.7.1 Latest
Oct 24, 2018
+ 16 releases

Packages

No packages published

Contributors 19

+ 5 contributors