Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ansible/artifactory_nginx_ssl] Wrong variables checks for ssl_certificate and certificate #421

Open
EmptyByte opened this issue Oct 28, 2024 · 1 comment

Comments

@EmptyByte
Copy link

In defaults:

ssl_certificate_install: true
ssl_certificate_path: /etc/pki/tls/certs
ssl_certificate_key_path: /etc/pki/tls/private
ssl_certificate: cert.pem
ssl_certificate_key: cert.key

In tasks/main.yml

The first tasks checks if two undefined variables exists:

- name: Check required variables
  ansible.builtin.fail: msg="Variable '{{ item }}' is not defined"
  when: item not in vars
  loop:
    - certificate
    - certificate_key
    - server_name

Then later you use the right variables names (ie ssl_certificate and ssl_certificate_key) :

- name: Ensure ssl_certificate_path exists
  become: true
  ansible.builtin.file:
    path: "{{ ssl_certificate_path }}"
    state: directory
    mode: 0755
  when: ssl_certificate_install

- name: Ensure ssl_certificate_key_path exists
  become: true
  ansible.builtin.file:
    path: "{{ ssl_certificate_key_path }}"
    state: directory
    mode: 0700
  when: ssl_certificate_install

- name: Configure certificate
  become: true
  ansible.builtin.template:
    src: certificate.pem.j2
    dest: "{{ ssl_certificate_path }}/{{ ssl_certificate }}"
    mode: 0644
  notify: Restart nginx
  no_log: true
  when: ssl_certificate_install

- name: Configure key
  become: true
  ansible.builtin.template:
    src: certificate.key.j2
    dest: "{{ ssl_certificate_key_path }}/{{ ssl_certificate_key }}"
    mode: 0600
  notify: Restart nginx
  no_log: true
  when: ssl_certificate_install
@EmptyByte
Copy link
Author

Nevermind those are variables used in templates (not mentionned in README or defaults).
So you have to pass the cert/key with the above vars split with pipe:

cat cert.key | tr '\n' '|'
cat cert.pem | tr '\n' '|'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant