Move certificates to Ansible Vault (#27)
This commit is contained in:
parent
47dd3267f5
commit
e48997e139
|
|
@ -4,3 +4,5 @@
|
||||||
- docker
|
- docker
|
||||||
- nginx
|
- nginx
|
||||||
- jellyfin
|
- jellyfin
|
||||||
|
vars_files:
|
||||||
|
- vault/certs/{{ base_domain }}.yml
|
||||||
|
|
|
||||||
|
|
@ -1,20 +0,0 @@
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIDNTCCAh0CFA+NVMwkGKvL8NbRd7waRkEHYcf/MA0GCSqGSIb3DQEBCwUAMFUx
|
|
||||||
CzAJBgNVBAYTAkNaMQ8wDQYDVQQHDAZQcmFndWUxEDAOBgNVBAMMB0hvbWVsYWIx
|
|
||||||
IzAhBgkqhkiG9w0BCQEWFGx1a2FzQGt1Y2hhcmN6eWsueHl6MB4XDTIxMDUxMzIy
|
|
||||||
MDA1NloXDTMxMDUxMTIyMDA1NlowWTELMAkGA1UEBhMCQ1oxDzANBgNVBAcMBlBy
|
|
||||||
YWd1ZTEUMBIGA1UEAwwLKi5kZXYubG9jYWwxIzAhBgkqhkiG9w0BCQEWFGx1a2Fz
|
|
||||||
QGt1Y2hhcmN6eWsueHl6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
|
|
||||||
0/jsQ6h6PodfYxTSAwUIY9+AXQ519Km4YNnxH5Ma3AjFH0asJyYR/CC6Zx4VOI1c
|
|
||||||
ZvelLHH/fonuLygSVc9zG5e3k62m6WHxZDDD0GidbmsgPMfPK5r1m9B2McbqWlVD
|
|
||||||
R0Y7FuGCQb0PqClJu86knw2kaYaFHrMVyBgZXAqXfEYIVJJ5SL8Yzo/lyoSHwlmk
|
|
||||||
lZ3LjnvlJ9IAOVpoWiuxmCzzEpGWQyve47HgyN5Q6Um8C0hgwj9fbA9L8Ns8PKt3
|
|
||||||
y+ypFJMO8gXsup4h7VhRz8KpqdBpo9ghMsvxTAUiPGkerUEjqiIFK2Iz1bZ8yL5d
|
|
||||||
/Gh0EM6ii2FSwsTpVzJ0xQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBjaFbfxfut
|
|
||||||
blYjPZ3mn1hbo3w5kqo9Ly7OLU4mCoK/DFzUBJbIj471B+7cK8hjmvzDUCQxRQWx
|
|
||||||
pBOBzOR4VSF4Z/xKKc1tWQJSC1r5JP0qmkYrmgIgLVi/gdZVYc7qLQbAlJhIOqD1
|
|
||||||
vQnXrBRqUm7J2ThqFdBuILvR20Pkoa2GnH3ufnQvdSs4WPWocR+fKYbx/DKjpAbU
|
|
||||||
GWg1HnL+7PiflV1HDAkc2kiNQy70/bxcQq1HvQRxjm5C15ojdVzyqPy+CwQo+JOd
|
|
||||||
IdueOS9mM6CQATnwQxK0XKkyH1yI9M83ahQbArwWTzejRWJQd0xYWdQgiEr4aWWV
|
|
||||||
DONUin6JUgVV
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
|
|
@ -1,17 +0,0 @@
|
||||||
-----BEGIN CERTIFICATE REQUEST-----
|
|
||||||
MIICnjCCAYYCAQAwWTELMAkGA1UEBhMCQ1oxDzANBgNVBAcMBlByYWd1ZTEUMBIG
|
|
||||||
A1UEAwwLKi5kZXYubG9jYWwxIzAhBgkqhkiG9w0BCQEWFGx1a2FzQGt1Y2hhcmN6
|
|
||||||
eWsueHl6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/jsQ6h6Podf
|
|
||||||
YxTSAwUIY9+AXQ519Km4YNnxH5Ma3AjFH0asJyYR/CC6Zx4VOI1cZvelLHH/fonu
|
|
||||||
LygSVc9zG5e3k62m6WHxZDDD0GidbmsgPMfPK5r1m9B2McbqWlVDR0Y7FuGCQb0P
|
|
||||||
qClJu86knw2kaYaFHrMVyBgZXAqXfEYIVJJ5SL8Yzo/lyoSHwlmklZ3LjnvlJ9IA
|
|
||||||
OVpoWiuxmCzzEpGWQyve47HgyN5Q6Um8C0hgwj9fbA9L8Ns8PKt3y+ypFJMO8gXs
|
|
||||||
up4h7VhRz8KpqdBpo9ghMsvxTAUiPGkerUEjqiIFK2Iz1bZ8yL5d/Gh0EM6ii2FS
|
|
||||||
wsTpVzJ0xQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAD9stDlWNlzkGFsTJc36
|
|
||||||
CfT7/qovjmxWGJLsuczU7oBwf6nwPuV0W3fUvl2tqz5Nnff4wOnKkRlrR54R0Obl
|
|
||||||
6KgebvwjACypYkFcL075qrdBpm52yiDWfE7ZOAU7tRCZ7DtMeEtSx/g/03bVp0n1
|
|
||||||
7rZm2eeiXB/m7VqabxK1eRwnDktXGuRWpRK7OpQQ0UuKSTlRsI8o4N4r0af8DInP
|
|
||||||
C3mWATJ56dsWaVhW1fBvSFAjrdho1vPadyC2Lb71MyM1H8IQSW8pQlyvAOlw+JVE
|
|
||||||
iEaTYt7miCODHzKSMv73Or2XGYMEFtoLDot3B+rBQun8TQwujDrMA7KU25NcgfQ+
|
|
||||||
d+Y=
|
|
||||||
-----END CERTIFICATE REQUEST-----
|
|
||||||
|
|
@ -1,28 +0,0 @@
|
||||||
-----BEGIN PRIVATE KEY-----
|
|
||||||
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDT+OxDqHo+h19j
|
|
||||||
FNIDBQhj34BdDnX0qbhg2fEfkxrcCMUfRqwnJhH8ILpnHhU4jVxm96Uscf9+ie4v
|
|
||||||
KBJVz3Mbl7eTrabpYfFkMMPQaJ1uayA8x88rmvWb0HYxxupaVUNHRjsW4YJBvQ+o
|
|
||||||
KUm7zqSfDaRphoUesxXIGBlcCpd8RghUknlIvxjOj+XKhIfCWaSVncuOe+Un0gA5
|
|
||||||
WmhaK7GYLPMSkZZDK97jseDI3lDpSbwLSGDCP19sD0vw2zw8q3fL7KkUkw7yBey6
|
|
||||||
niHtWFHPwqmp0Gmj2CEyy/FMBSI8aR6tQSOqIgUrYjPVtnzIvl38aHQQzqKLYVLC
|
|
||||||
xOlXMnTFAgMBAAECggEBAMuHAOPdyrJrLM1n2lYH6QxsN0YicmOe6mgkGv8kMe//
|
|
||||||
g7YKF5XnWfFqQ1BrdBi+snAzbCcGtjj7mvUwVpqJ+44M2Lk1TURdRHfc0sczC6ZP
|
|
||||||
ub5iY6sMuLMJL9OPmMlvgI/ZATdxA663J2dhbWikezA02x5viTX24f0kFoVnrhgl
|
|
||||||
LYSVOVOl94vk1jByJVtJeusd5JwF6JZ6Ws8My7Fzh3hHMepcB5uVfYr20O7FZHEX
|
|
||||||
DAlVN7MSh7nM0a4WsZPg5S5KLMZlhTyqosRwx9n5Y08S8BRYMLNyetRICDe6MIn9
|
|
||||||
cJllAR/W51WsvmH/LHmLTRA6eC4rxO744z0DDpGuc6kCgYEA+44eS79TCRG6zQjo
|
|
||||||
Jt2VMcdUpqTwcXWwllpZh071SV3wMQTlzRwAM8QdPga5O0qYe/UBVxx4dh5MinpN
|
|
||||||
TnGP+4sBlME2Q8iUml5jNU8Fwuo1XZWkdrTmeJl/DyJ2iqokPyJSp/iFhFWuNhJS
|
|
||||||
eNgmu7gvLPMhQjdfTDsom4OSAt8CgYEA17fBltxcWmQV6XxkVbVLnrdesvGv8zGg
|
|
||||||
VIod02wW39G0WR5FEffu+TEOcsdkQGqH9gCUkyEomGzZKGDmzCu+PpLjb1KIBkf+
|
|
||||||
8tt4o4Za91XgOm79m2sP5qczwXqUOsgRZBNPTDrbwIA4Y4pMYoxwx4aQF9DLl0Vt
|
|
||||||
jqNhHtn2ANsCgYA0LcSG/cahiPXwdbqB5VB/JNOgRXJCdqEMbu1HLc+fSkb6RAPO
|
|
||||||
ydIY6sMODKL7c3uxqp5+jT9HcP17c+b5MIEnMiw/yNwSr1ZztsRpWFzfk2lCYjnd
|
|
||||||
DaUIuv4qC4H/PU+LcPkoMlqvmn4qZR6KRnuyUIAomL37WDUCQPspVt9AjQKBgQDB
|
|
||||||
1euNbLtLuc16vXzHCx5FIw5kCwqIo5om/OiqFuFDAwNkZO+5oqjIoA0UlBiATXmY
|
|
||||||
UpMu1cfNl1lWkCQzaEcNoR3e5TE3O7Bad12iytKolzDiMOOPqRdjsfCutT/Gxgni
|
|
||||||
e/twSx81jcGdqCLVFs8sarzFuaeHaSp11lcpyr7jqwKBgQDWL0Dx6/ybyma/NcWD
|
|
||||||
liF6OMkxwvA58c7eoG2pOSENxMhe5rA9uzaYj0jjLCEIwF5X5uI5vsnnl1vKtfA4
|
|
||||||
YAly4qve/lhCqM9YvRi1l2Oi5aeZLqVKF8tA81k5kK/O7dKjHvq8hLIipcQ2Esfy
|
|
||||||
3X+EPcWIxFSX64m5+Ib+cch6hg==
|
|
||||||
-----END PRIVATE KEY-----
|
|
||||||
|
|
@ -1,28 +0,0 @@
|
||||||
-----BEGIN PRIVATE KEY-----
|
|
||||||
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDAH/nCewvHL6pP
|
|
||||||
tGUyUwVBiL6T3er0mS4rM6ifoQxEGb1EsURyngik0I1IaPn9ciI09JnUdXpKnMS3
|
|
||||||
/jhHlkibD93datDPHEdPTdw1TZmQLcJyWW5MQ52/DMKDokCzWdQNENEL7I9A8GUD
|
|
||||||
V1Rl8E3G/uKHAzj2ULI1S+MwY+5URF3MLABmxFEfWcIBNef42wQ67hx74WlwOVVK
|
|
||||||
GNTVyd6EkRXDXu/YoMnZUdWOUxk6Bo9eKALOiVoTDtJOgubs5LT8MmhIosI6SqDM
|
|
||||||
lPq7huLLPD09egDrQqU13LfOG/+N7LXwsTcQXNV6irzMgNTE7vsWDyO+q8m4J1BU
|
|
||||||
sMWHnOpxAgMBAAECggEAD6SK2WLbWqRu4X52ntpTmzpfCfsPnkq6j5ntKNIcBY9y
|
|
||||||
8ZzdTdfALGsula62bARW9KjVvY6zHlAVVEXGn02FK9rm3ZhM2BAdXj+gplZjInIX
|
|
||||||
WugdKuh2d4+6Zq1XR0MRGN89phLktwzbrKH3pTUjoAgwuX1xrdx0JhK/tLjuNr4W
|
|
||||||
CBtmz2X6lzKeD9S7PHu33Tqseg1GCfQYBKyDrCOgWBq8/V0eoAQB3g4t3ZIfzAYN
|
|
||||||
Ft4BEB3prNBgLhuea43DRNcUnIu2k9/LzLTpGJE8oqM55yUEULdWIvRQJHEDfah2
|
|
||||||
1YiDCzzd3CCYgk6CjRaEihL+WPJfohKzDghnrhVp4QKBgQDw6CTWcm6S7/+eO6qP
|
|
||||||
PnyFPK/1ajCwc1KsVEjiS2OQ9WMK6d8pfA9o6lCjlRcu8kCO6CXQS8vXwg7G3PBY
|
|
||||||
7ndMUoyTD5X32uG/VXY1LxYtCdrjKWsnZP/cuTtcodaG/Sp+5Pa1eO00cG6ckCQr
|
|
||||||
FU8BLqeLhOSjlFinvoEVqPFriwKBgQDMKW2xTeqQpbLuTgvGcFglhTiyjGzIwtf7
|
|
||||||
Du0ZqF7LpzY95CUBOL9YZBBcAzarCnemzDeMy7aDuIesVP0JPGdTC2f4W/X++WUO
|
|
||||||
7CXJH7Xt/ULQLXDwRyQiMCKNCCNQtpDfP/Uzf6Ts/F3rIYre3NzscTbUradD3RMd
|
|
||||||
OqyIyzwxcwKBgBGhK3D2Ftlx7sbpnuW0sPAfLNFM4BtJlTc/Q8YrtjGZg5H843Pp
|
|
||||||
vEb1Psl506R/3fGXU40WvugfL22mJYCckuZm9Bqe/V6SCgsyeeASfhD1s6sEEO9l
|
|
||||||
GMRSWeHBhi2CwWVf5B4Lp3A6+h1C/yKYAJwZifFP3FuMM6Cy9Eddga1ZAoGBAKCR
|
|
||||||
SKM0y3F90E8Z9KrZ+olv0FqklH4Et8bNQ251fDChTsi4YN4oGl1TPYaQRHOa5OW7
|
|
||||||
IUlLgjzwaUwA/40/A2hNxTSQZtVkobVtxn36waPuFpkR1Aw1d1aoEtRmfRfirefX
|
|
||||||
LmqVTknQZbEijUyf2eTfWadE+BMokPrhBYcEiE+/AoGBANdhUebsG0AGYvM2SuHy
|
|
||||||
UQFmwamIzSUdBPXvNDALoCOi/9t0ySakxmBOyaUFY6k1WOW/fvBJ4eTGdlIUO6Ee
|
|
||||||
v1vMxpjLb8Z5H19qK/qSu1Q4PI70q0uThaWFFQ4Hhadb1m1vfxZ7u/jqx3rxCVqD
|
|
||||||
dw4+Bq5YpiLXR11wW29gx6dx
|
|
||||||
-----END PRIVATE KEY-----
|
|
||||||
|
|
@ -1,21 +0,0 @@
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIDizCCAnOgAwIBAgIUYUlmu4VunV3uvnrMuV9MOXRJmjowDQYJKoZIhvcNAQEL
|
|
||||||
BQAwVTELMAkGA1UEBhMCQ1oxDzANBgNVBAcMBlByYWd1ZTEQMA4GA1UEAwwHSG9t
|
|
||||||
ZWxhYjEjMCEGCSqGSIb3DQEJARYUbHVrYXNAa3VjaGFyY3p5ay54eXowHhcNMjEw
|
|
||||||
NTEzMjIwMDU1WhcNMzEwNTExMjIwMDU1WjBVMQswCQYDVQQGEwJDWjEPMA0GA1UE
|
|
||||||
BwwGUHJhZ3VlMRAwDgYDVQQDDAdIb21lbGFiMSMwIQYJKoZIhvcNAQkBFhRsdWth
|
|
||||||
c0BrdWNoYXJjenlrLnh5ejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
|
|
||||||
AMAf+cJ7C8cvqk+0ZTJTBUGIvpPd6vSZLiszqJ+hDEQZvUSxRHKeCKTQjUho+f1y
|
|
||||||
IjT0mdR1ekqcxLf+OEeWSJsP3d1q0M8cR09N3DVNmZAtwnJZbkxDnb8MwoOiQLNZ
|
|
||||||
1A0Q0Qvsj0DwZQNXVGXwTcb+4ocDOPZQsjVL4zBj7lREXcwsAGbEUR9ZwgE15/jb
|
|
||||||
BDruHHvhaXA5VUoY1NXJ3oSRFcNe79igydlR1Y5TGToGj14oAs6JWhMO0k6C5uzk
|
|
||||||
tPwyaEiiwjpKoMyU+ruG4ss8PT16AOtCpTXct84b/43stfCxNxBc1XqKvMyA1MTu
|
|
||||||
+xYPI76rybgnUFSwxYec6nECAwEAAaNTMFEwHQYDVR0OBBYEFMIPcuQ9X1fX4grD
|
|
||||||
O+mb1PipZfPYMB8GA1UdIwQYMBaAFMIPcuQ9X1fX4grDO+mb1PipZfPYMA8GA1Ud
|
|
||||||
EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHKHCIGmFygvzyXENSbzFcwI
|
|
||||||
vSLkB/pb3NLXIcFtFI2hu3NdXkf2Lf/YdSTeXz0TS9M4EyDouVg4rKrGfgQCXwpd
|
|
||||||
FK05b9x2MBrKm1sLMr8gofYvKYlRzF+Fedr/d1S9ze/FE2UbMuzjc70vjRpKd8yN
|
|
||||||
nRATyJdicWUqhZZC2TB2ko3G6vzoUxIHQH7PPHjpJW1kYspio/+ohYSmh9rpqeSG
|
|
||||||
MHYyBsjSbEJJOdkaWWxc+OWhLuhfD4lZlmmzyVBBQ0HQ/shztPaWYogHVpU9yAEW
|
|
||||||
kasPGcwXxrpIaQo06U5qmmDbwfUadljfaOicMuu4Rv2xQPGvdNy49uYdSERlKpQ=
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
|
|
@ -1 +0,0 @@
|
||||||
0F8D54CC2418ABCBF0D6D177BC1A46410761C7FF
|
|
||||||
|
|
@ -30,11 +30,13 @@
|
||||||
-days 3650 \
|
-days 3650 \
|
||||||
-sha256
|
-sha256
|
||||||
when: generate_cert.wildcard
|
when: generate_cert.wildcard
|
||||||
- name: copy wildcard certificate and key
|
- name: copy wildcard certificate and key from vault
|
||||||
copy:
|
copy:
|
||||||
src: "{{ item }}"
|
content: "{{ item.content }}"
|
||||||
dest: "{{ data_folder }}/nginx/{{ item }}"
|
dest: "{{ data_folder }}/nginx/{{ item.name }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
mode: '0700'
|
mode: '0700'
|
||||||
loop:
|
with_items:
|
||||||
- "{{ base_domain }}.crt"
|
- "{{ certificates }}"
|
||||||
- "{{ base_domain }}.key"
|
no_log: true
|
||||||
Loading…
Reference in New Issue