From cc15d8692b6c155781f9e89a7a29f11a0185edf4 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Thu, 15 Dec 2016 18:10:32 +0200
Subject: [PATCH] - Correct handling of TLS key and certs, for that adding the
 ca-store as a dependency and the modules submodule. - Removed adarnimrod
 prefix from the name of dependencies for easier development.

---
 .gitmodules                  | 3 +++
 defaults/main.yml            | 2 ++
 library/shore                | 1 +
 meta/main.yml                | 4 +++-
 templates/forwarding.conf.j2 | 6 +++---
 tests/playbook.yml           | 4 ++--
 tests/requirements.yml       | 2 ++
 7 files changed, 16 insertions(+), 6 deletions(-)
 create mode 100644 .gitmodules
 create mode 160000 library/shore

diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..c8bc96e
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "library/shore"]
+	path = library/shore
+	url = https://www.shore.co.il/git/ansible-modules
diff --git a/defaults/main.yml b/defaults/main.yml
index 55eb102..4c2d9ac 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -2,3 +2,5 @@
 # defaults file for syslog-forward
 
 syslog_server:
+syslog_key_file: /etc/ssl/private/ssl-cert-snakeoil.key
+syslog_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem
diff --git a/library/shore b/library/shore
new file mode 160000
index 0000000..2efdc7b
--- /dev/null
+++ b/library/shore
@@ -0,0 +1 @@
+Subproject commit 2efdc7b0a7d963ca5f2d7887530776906b319486
diff --git a/meta/main.yml b/meta/main.yml
index e66997b..3ba621b 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -13,4 +13,6 @@ galaxy_info:
     versions:
     - jessie
   galaxy_tags: [ syslog ]
-dependencies: []
+dependencies:
+- src: adarnimrod.ca-store
+  name: ca-store
diff --git a/templates/forwarding.conf.j2 b/templates/forwarding.conf.j2
index 9a4062e..018b459 100644
--- a/templates/forwarding.conf.j2
+++ b/templates/forwarding.conf.j2
@@ -1,8 +1,8 @@
 {#
 $DefaultNetstreamDriver gtls
-$DefaultNetstreamDriverCAFile {{ tls_ca_cert_path }}
-$DefaultNetstreamDriverCertFile {{ tls_cert_path }}
-$DefaultNetstreamDriverKeyFile {{ tls_key_path }}
+$DefaultNetstreamDriverCAFile /etc/ssl/certs/ca-certificates.crt
+$DefaultNetstreamDriverCertFile {{ syslog_cert_file }}
+$DefaultNetstreamDriverKeyFile {{ syslog_key_file }}
 $ActionSendStreamDriverAuthMode x509/name
 #}
 
diff --git a/tests/playbook.yml b/tests/playbook.yml
index a740c9b..ddad686 100644
--- a/tests/playbook.yml
+++ b/tests/playbook.yml
@@ -1,11 +1,11 @@
 ---
 - hosts: syslog-forward-openbsd
   gather_facts: false
-  roles: [adarnimrod.openbsd-bootstrap]
+  roles: [openbsd-bootstrap]
 
 - hosts: syslog-forward-xenial
   gather_facts: false
-  roles: [adarnimrod.debian-bootstrap]
+  roles: [debian-bootstrap]
 
 - hosts: all
   strategy: free
diff --git a/tests/requirements.yml b/tests/requirements.yml
index cdc294c..70716f6 100644
--- a/tests/requirements.yml
+++ b/tests/requirements.yml
@@ -1,3 +1,5 @@
 ---
 - src: adarnimrod.openbsd-bootstrap
+  name: openbsd-bootstrap
 - src: adarnimrod.debian-bootstrap
+  name: debian-bootstrap
-- 
GitLab