diff options
| author | Romain Gonçalves <me@rgoncalves.se> | 2024-02-08 13:32:37 +0100 |
|---|---|---|
| committer | Romain Gonçalves <me@rgoncalves.se> | 2024-02-08 13:33:36 +0100 |
| commit | adfb09b9e19f7a31632eab01171693cb81ec75ef (patch) | |
| tree | 7b05135581ff49e7a5655ab07af7bba2ada43585 /roles/relayd/tasks | |
| parent | 5c5b0fbf68dca224b7f92f5de0913fd684e7d3d9 (diff) | |
| download | rules-adfb09b9e19f7a31632eab01171693cb81ec75ef.tar.gz | |
refactor(roles): new variable naming standard
Diffstat (limited to 'roles/relayd/tasks')
| -rw-r--r-- | roles/relayd/tasks/main.yml | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/roles/relayd/tasks/main.yml b/roles/relayd/tasks/main.yml index 1346675..6485eb2 100644 --- a/roles/relayd/tasks/main.yml +++ b/roles/relayd/tasks/main.yml @@ -8,57 +8,57 @@ -newkey rsa:4096 -nodes -subj "/CN={{ item.domain }}" - -keyout {{ relayd_ssl_keys_dir }}/{{ item.domain }}.key - -out {{ relayd_ssl_certificates_dir }}/{{ item.domain }}.pem - creates: "{{ relayd_ssl_keys_dir }}/{{ item.domain }}.key" - loop: "{{ relayd_rules }}" + -keyout {{ relayd__ssl_keys_dir }}/{{ item.domain }}.key + -out {{ relayd__ssl_certificates_dir }}/{{ item.domain }}.pem + creates: "{{ relayd__ssl_keys_dir }}/{{ item.domain }}.key" + loop: "{{ relayd__rules }}" - name: apply restrictive permissions on ssl keys ansible.builtin.file: - path: "{{ relayd_ssl_keys_dir }}/{{ item.domain }}.key" + path: "{{ relayd__ssl_keys_dir }}/{{ item.domain }}.key" owner: 0 group: 0 mode: "0600" - loop: "{{ relayd_rules }}" + loop: "{{ relayd__rules }}" - name: retrieve certificate files ansible.builtin.stat: - path: "{{ relayd_ssl_certificates_dir }}/{{ item.domain }}.crt" - loop: "{{ relayd_rules }}" - register: relayd_result_stat_certificates + path: "{{ relayd__ssl_certificates_dir }}/{{ item.domain }}.crt" + loop: "{{ relayd__rules }}" + register: relayd__result_stat_certificates - name: link pem files to certificate files if required ansible.builtin.file: - src: "{{ relayd_ssl_certificates_dir }}/{{ item.item.domain }}.pem" + src: "{{ relayd__ssl_certificates_dir }}/{{ item.item.domain }}.pem" dest: "{{ item.invocation.module_args.path }}" owner: 0 group: 0 state: link when: not item.stat.exists - loop: "{{ relayd_result_stat_certificates.results }}" + loop: "{{ relayd__result_stat_certificates.results }}" - name: generate relayd configuration ansible.builtin.template: src: relayd.conf.j2 - dest: "{{ relayd_configuration_file }}" + dest: "{{ relayd__configuration_file }}" owner: 0 group: 0 mode: "0640" - register: relayd_result_generate_configuration + register: relayd__result_generate_configuration - name: lint relayd configuration - ansible.builtin.command: "relayd -nf {{ relayd_configuration_file }}" - register: relayd_result_lint_configuration + ansible.builtin.command: "relayd -nf {{ relayd__configuration_file }}" + register: relayd__result_lint_configuration changed_when: - - relayd_result_generate_configuration.changed - - relayd_result_lint_configuration.rc != 0 + - relayd__result_generate_configuration.changed + - relayd__result_lint_configuration.rc != 0 - name: restart relayd # noqa: no-handler ansible.builtin.service: name: relayd state: restarted - when: relayd_result_generate_configuration.changed - or relayd_result_lint_configuration.changed + when: relayd__result_generate_configuration.changed + or relayd__result_lint_configuration.changed - name: enable relayd ansible.builtin.service: |