Currently the role only supports copying cert files to remote hosts using either the root user (not a good security practice) to write those files to any directory on the file system or using another user and only being able to copy the files on the user's owned locations. Since the user running the playbook should be only used to access the machines and then use privilege escalation to execute tasks like writing to /etc/ssl, a solution is needed that accepts a privilege escalation parameter.
PROPOSED SOLUTION
Optionally allow a privilege escalation parameter like "become" to be specified in the role configuration and, if specified, use it to escalate privileges using a method like "sudo" to write on other locations rather than the user's home directory or /tmp.
CURRENT ALTERNATIVES
Copying the local files to the remote location with a task defined on the playbook
BUSINESS PROBLEM
Currently the role only supports copying cert files to remote hosts using either the root user (not a good security practice) to write those files to any directory on the file system or using another user and only being able to copy the files on the user's owned locations. Since the user running the playbook should be only used to access the machines and then use privilege escalation to execute tasks like writing to /etc/ssl, a solution is needed that accepts a privilege escalation parameter.
PROPOSED SOLUTION
Optionally allow a privilege escalation parameter like "become" to be specified in the role configuration and, if specified, use it to escalate privileges using a method like "sudo" to write on other locations rather than the user's home directory or /tmp.
CURRENT ALTERNATIVES
Copying the local files to the remote location with a task defined on the playbook