|
- ---
-
- - name: Fail if using unsupported SSL certificate retrieval method
- ansible.builtin.fail:
- msg: "The `matrix_ssl_retrieval_method` variable contains an unsupported value"
- when: "matrix_ssl_retrieval_method not in ['lets-encrypt', 'self-signed', 'manually-managed', 'none']"
-
- - name: Fail if using unsupported private key type
- ansible.builtin.fail:
- msg: "The `matrix_ssl_lets_encrypt_key_type` variable contains an unsupported value"
- when: "matrix_ssl_lets_encrypt_key_type not in ['rsa', 'ecdsa']"
-
-
- # Common tasks, required by almost any method below.
-
- - name: Ensure SSL certificate paths exists
- ansible.builtin.file:
- path: "{{ item }}"
- state: directory
- mode: 0770
- owner: "{{ matrix_user_username }}"
- group: "{{ matrix_user_groupname }}"
- recurse: true
- with_items:
- - "{{ matrix_ssl_log_dir_path }}"
- - "{{ matrix_ssl_config_dir_path }}"
- - "{{ matrix_ssl_bin_dir_path }}"
- when: "matrix_ssl_retrieval_method != 'none'"
-
-
- # Method specific tasks follow
-
- - ansible.builtin.import_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_lets_encrypt.yml"
-
- - ansible.builtin.import_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_self_signed.yml"
-
- - ansible.builtin.import_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_manually_managed.yml"
|
