From 64efa9bfe73eaa2136ea8fbf10ef96bb8b398270 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Mon, 14 Dec 2015 18:30:39 +0200
Subject: [PATCH] Adjust add_tls_cert tasks to work on OpenBSD as well.

---
 tasks/add_tls_cert.yml     | 4 ++--
 tasks/tls_cert_OpenBSD.yml | 1 -
 vars/main.yml              | 6 ++++++
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/tasks/add_tls_cert.yml b/tasks/add_tls_cert.yml
index 42f783f..edc2c40 100644
--- a/tasks/add_tls_cert.yml
+++ b/tasks/add_tls_cert.yml
@@ -19,9 +19,9 @@
   when: ansible_os_family == 'Debian'
   copy:
     src: '{{ item }}'
-    dest: '/usr/local/share/ca-certificates/{{ item|basename }}.crt'
+    dest: '{{ cert_dir[ansible_os_family] }}/{{ item|basename }}.crt'
     owner: root
-    group: root
+    group: '{{ root_group[ansible_os_family] }}'
     mode: '0644'
   notify:
   - Update CA store
diff --git a/tasks/tls_cert_OpenBSD.yml b/tasks/tls_cert_OpenBSD.yml
index e2b5681..9f07913 100644
--- a/tasks/tls_cert_OpenBSD.yml
+++ b/tasks/tls_cert_OpenBSD.yml
@@ -56,7 +56,6 @@
         -out /etc/ssl/certs/ssl-cert-snakeoil.pem \
         -days 3650
         -subj "/CN={{ ansible_fqdn }}"
-  register: tls_gen_snakeoil_cert
 
 - name: Set TLS key and certificate
   set_fact:
diff --git a/vars/main.yml b/vars/main.yml
index a4b91f6..853fa99 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -41,3 +41,9 @@ ca_store:
 ssh_daemon:
     OpenBSD: sshd
     Debian: ssh
+root_group:
+    OpenBSD: wheel
+    Debian: root
+cert_dir:
+    OpenBSD: /etc/ssl/certs
+    Debian: /usr/local/share/ca-certificates
-- 
GitLab