Loading tasks/renew-cert.yaml +26 −3 Original line number Diff line number Diff line Loading @@ -5,10 +5,24 @@ - domains is iterable - host is string - name: Gather facts ansible.builtin.setup: gather_subset: - date_time - name: Get account key file stat ansible.builtin.stat: path: &account_key_src account.key register: account_key_stat - name: Generate account key community.crypto.openssl_privatekey: # yamllint disable rule:line-length force: |- {{ (ansible_date_time.epoch|int - account_key_stat.stat.mtime|int)/(60*60*24*365) >= 4 }} # yamllint enable rule:line-length mode: 0o0600 path: &account_key_src account.key path: *account_key_src size: 4096 state: present type: RSA Loading @@ -33,11 +47,20 @@ tags: - always - name: Get host key file stat ansible.builtin.stat: path: &key_src |- {{ playbook_dir }}/{{ host }}.key register: host_key_stat - name: Generate {{ host }} key community.crypto.openssl_privatekey: # yamllint disable rule:line-length force: |- {{ (ansible_date_time.epoch|int - host_key_stat.stat.mtime|int)/(60*60*24*365) >= 4 }} # yamllint enable rule:line-length mode: &mode 0o0600 path: &key_src |- {{ playbook_dir }}/{{ host }}.key path: *key_src size: &size 4096 state: present type: &type RSA Loading Loading
tasks/renew-cert.yaml +26 −3 Original line number Diff line number Diff line Loading @@ -5,10 +5,24 @@ - domains is iterable - host is string - name: Gather facts ansible.builtin.setup: gather_subset: - date_time - name: Get account key file stat ansible.builtin.stat: path: &account_key_src account.key register: account_key_stat - name: Generate account key community.crypto.openssl_privatekey: # yamllint disable rule:line-length force: |- {{ (ansible_date_time.epoch|int - account_key_stat.stat.mtime|int)/(60*60*24*365) >= 4 }} # yamllint enable rule:line-length mode: 0o0600 path: &account_key_src account.key path: *account_key_src size: 4096 state: present type: RSA Loading @@ -33,11 +47,20 @@ tags: - always - name: Get host key file stat ansible.builtin.stat: path: &key_src |- {{ playbook_dir }}/{{ host }}.key register: host_key_stat - name: Generate {{ host }} key community.crypto.openssl_privatekey: # yamllint disable rule:line-length force: |- {{ (ansible_date_time.epoch|int - host_key_stat.stat.mtime|int)/(60*60*24*365) >= 4 }} # yamllint enable rule:line-length mode: &mode 0o0600 path: &key_src |- {{ playbook_dir }}/{{ host }}.key path: *key_src size: &size 4096 state: present type: &type RSA Loading