extras/ansible/roles/common/tasks/install_ssl_key.yml
---
- name: Check SSL key and chain are installed
stat: path={{ dhparam_pem_addr }}
register: dhparam_pem_stat
- name: Create Diffie-Hellman pem file
command: openssl dhparam -out {{ dhparam_pem_addr }} 2048
when: not dhparam_pem_stat.stat.exists
notify: restart nginx
- name: Put SSL key
copy: src={{ ssl_key }} dest={{ ssl_key_addr }}
when: ssl_key and ssl_cert
- name: Put SSL cert
copy: src={{ ssl_cert }} dest={{ ssl_cert_addr }}
when: ssl_key and ssl_cert
notify: reload nginx
- name: Check SSL key and chain are installed
stat: path={{ ssl_key_addr }}
register: ssl_key_stat
- name: Create auto-signed SSL key and cert
command: openssl req -new -x509 -subj "/C=FR/ST=IDF/L=Paris/O=IT/CN={{ server_url }}" -nodes -days 3650 -newkey rsa:2048 -keyout {{ ssl_key_addr }} -out {{ ssl_cert_addr }}
when: not ssl_key_stat.stat.exists
notify: reload nginx