Skip to content

Latest commit

 

History

History
104 lines (74 loc) · 3.64 KB

README.md

File metadata and controls

104 lines (74 loc) · 3.64 KB
Raw

Ansible role lunik.wabbit.x509

License Release Ansible Galaxy Ansible version

Base requirements for Wabbit device

Platforms Supported:

Platform Versions
all all

⚠️ Requirements

Ansible >= 7.

Ansible role dependencies

None.

⚡ Installation

Install with Ansible Galaxy

ansible-galaxy collection install lunik.wabbit

✏️ Example Playbook

Basic usage is:

- hosts: all
  roles:
    - role: lunik.wabbit.x509
      vars:
        x509_org_country_name: FR
        x509_org_email_address: [email protected]
        x509_org_locality_name: France
        x509_org_organization_name: YourCompany

        x509_org_root_ca_key_path: /tmp/rootCA.key
        x509_org_root_ca_key_passphrase: "{{ lookup('password', '/tmp/rootCA.key.passphrase') }}"
        x509_org_root_ca_cert_path: /tmp/rootCA.cert

        x509_org_intermediate_ca: []
          - name: app
            key_path: /tmp/appCA.key
            key_passphrase: "{{ lookup('password', '/tmp/appCA.key.passphrase') }}"
            cert_path: /tmp/appCA.cert

        x509_app_certificates_path: /tmp/app
        x509_app_certificates:
          - common_name: example.org
            ca: app
            expiration: +365d
            alt_names:
              - exemple.fr

⚙️ Role Variables

Variables are divided in three types.

The default vars section shows you which variables you may override in your ansible inventory. As a matter of fact, all variables should be defined there for explicitness, ease of documentation as well as overall role manageability.

The context variables are shown in section below hint you on how runtime context may affects role execution.

Default variables

Role default variables from defaults/main.yml.

Variable Name Required Type Default Description
x509_org_country_name Yes String N/A Country Name for certificates
x509_org_email_address Yes String N/A Email address for certificates
x509_org_locality_name Yes String N/A Locality for certificates
x509_org_organization_name Yes String N/A Organization name for certificates
x509_org_root_ca_key_path Yes String N/A Path where to store the root CA private key
x509_org_root_ca_key_passphrase Yes String N/A Root CA private key passphrase
x509_org_root_ca_cert_path Yes String N/A Path where to store the root CA certificate
x509_org_intermediate_ca No List(Object) N/A List of intermediate certificates. See defaults/main.yml
x509_app_certificates_path Yes String N/A Path where to store generated certificates
x509_app_certificates No List(Object) N/A List of certificates. See defaults/main.yml

Context variables

Those variables from vars/*.{yml,json} are loaded dynamically during task runtime of the module.

See vars/main.yml

Author Information

Tiwabbit / Guillaume MARTINEZ