search

debops / ansible-pki

Bootstrap and manage internal PKI, Certificate Authorities and OpenSSL/GnuTLS certificates
GNU General Public License v3.0
65 stars 29 forks source link

Copy Cert/Key from variable #13

Closed MatthewMi11er closed 9 years ago

MatthewMi11er commented 9 years ago

It would be useful to be able to copy a cert/key from an external CA from a variable instead of having to save it to the secret directory first.

That way I could do something like this: In vault file:

my_crt: |
  -----BEGIN CERTIFICATE-----
  ALKSICERTIFICATESKJOLKJLJ
  ALKSIDKLEVALUEDLKJOLKJLJ
  -----END CERTIFICATE-----

In nginx definition:

nginx_server_default:
  default: True
  enabled: True
  name: ['my_domain']
  pki_crt: '{{ my_crt }}'
  pki_key: '{{ my_key }}'

This doesn't seem possible currently.

drybjed commented 9 years ago

@MatthewMi11er Here you go. :-) Read the comments, they should be self-explanatory. And don't use these my_crt/my_key variables directly in nginx role like that, it won't work. Instead, point nginx to your certificate/key files in /etc/pki/.

MatthewMi11er commented 9 years ago

Awesome! That looks great, I'll try it out.