diff options
author | Suren A. Chilingaryan <csa@suren.me> | 2017-04-01 04:53:28 +0200 |
---|---|---|
committer | Suren A. Chilingaryan <csa@suren.me> | 2017-04-01 04:53:28 +0200 |
commit | e7ed329bd81c2273c03e94c93c9ce9c1d01cdc86 (patch) | |
tree | 444778102e4f73b83ef9462235b7f614b004b264 /roles/openvpn/tasks/keys.yml | |
download | ands-e7ed329bd81c2273c03e94c93c9ce9c1d01cdc86.tar.gz ands-e7ed329bd81c2273c03e94c93c9ce9c1d01cdc86.tar.bz2 ands-e7ed329bd81c2273c03e94c93c9ce9c1d01cdc86.tar.xz ands-e7ed329bd81c2273c03e94c93c9ce9c1d01cdc86.zip |
Initial import
Diffstat (limited to 'roles/openvpn/tasks/keys.yml')
-rw-r--r-- | roles/openvpn/tasks/keys.yml | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/roles/openvpn/tasks/keys.yml b/roles/openvpn/tasks/keys.yml new file mode 100644 index 0000000..dd9f4ec --- /dev/null +++ b/roles/openvpn/tasks/keys.yml @@ -0,0 +1,13 @@ +- name: Copy CA private key + copy: src="ca/ca.key" dest="{{openvpn_keydir}}/" owner="root" group="root" mode="0400" + +- name: OpenSSL generate request + command: openssl req -subj '/CN={{ ansible_hostname }}' -new -keyout "node.key" -out "node.csr" -batch -nodes chdir="{{openvpn_keydir}}" creates="{{openvpn_keydir}}/node.csr" + +- name: Generate CA serial file + copy: content="01" dest="{{openvpn_keydir}}/ca.srl" + +- name: OpenSSL sign the request + command: openssl x509 -req -days 3650 -in "node.csr" -CA "ca.crt" -CAkey "ca.key" -out "node.crt" chdir="{{openvpn_keydir}}" creates="{{openvpn_keydir}}/node.crt" + notify: + - openvpn |