2020-12-23 04:38:40 -07:00

26 lines
880 B

# ansible default variables - most variables live here
ipa_getcert_key_default_location: "/etc/pki/tls/private/{{ ansible_fqdn }}.key"
ipa_getcert_cert_default_location: "/etc/pki/tls/certs/{{ ansible_fqdn }}.crt"
ipa_getcert_owner_default: root
# List of hostnames that should be requested
- name: "{{ ansible_fqdn }}"
key_location: /etc/pki/tls/private/name.key
cert_location: /etc/pki/tls/certs/name.crt
# If you need a different ownership, you can setup the above sort of like this:
# ipa_getcert_requested_hostnames:
# - name: name
# postcmd: "/bin/systemctl restart ejabberd"
# owner: ejabberd
# key_location: /opt/ejabberd/conf/pki
# cert_location: /opt/ejabberd/conf/pki
# This feature coming soon
#ipa_getcert_fqdn_symlink: true
ipa_getcert_chain: false
ipa_getcert_chain_location: /etc/pki/tls/chains