Diffstat (limited to 'roles/web/tasks/acme-domainkey.yml')
-rw-r--r--roles/web/tasks/acme-domainkey.yml21
1 files changed, 21 insertions, 0 deletions
diff --git a/roles/web/tasks/acme-domainkey.yml b/roles/web/tasks/acme-domainkey.yml
new file mode 100644
index 0000000..ac409c2
--- /dev/null
+++ b/roles/web/tasks/acme-domainkey.yml
@@ -0,0 +1,21 @@
+---
+- name: (local) acme - check domain private key existence
+ become: false
+ stat:
+ path: "{{ playbook_dir }}/private/acme/{{ domain }}.pem"
+ delegate_to: localhost
+ register: stat_result
+
+- name: (local) acme - generate domain private key (4096 bit)
+ become: false
+ command: >
+ openssl genrsa
+ -out "{{ playbook_dir }}/private/acme/{{ domain }}.pem" 4096
+ delegate_to: localhost
+ when: not stat_result.stat.exists
+
+- name: acme - copy domain private key
+ copy:
+ src: "{{ playbook_dir }}/private/acme/{{ domain }}.pem"
+ dest: /usr/local/etc/ssl/acme/private/{{ domain }}.pem
+ mode: 0400
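Review bot: The generate task never sets permissions on the new private key on the control machine, so `{{ playbook_dir }}/private/acme/{{ domain }}.pem` ends up with whatever mode openssl and the local umask give it, which may be group- or world-readable depending on the OpenSSL version. A follow-up `file:` task delegated to localhost with `mode: "0600"` would pin this. In the copy task, `mode: 0400` should be quoted as `mode: "0400"` so the value does not depend on YAML octal parsing, and `owner`/`group` should be set explicitly rather than inherited from the connecting user. Adding `diff: false` to the copy task would keep the key material out of the output when the play runs with `--diff`. The stat/when pair could also collapse into `args:` with `creates: "{{ playbook_dir }}/private/acme/{{ domain }}.pem"` on the command task, which removes the separate existence check.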