added ca settings

fspv · Oct 20, 2024 · 4458ef9 · 4458ef9
1 parent 9e866d7
commit 4458ef9
Show file tree

Hide file tree

Showing 8 changed files with 26 additions and 2 deletions.
diff --git a/roles/ca-cert/defaults/main.yml b/roles/ca-cert/defaults/main.yml
@@ -0,0 +1,3 @@
+# key - ca name
+# value - ca certificate
+ca_cert: {}
diff --git a/roles/ca-cert/handlers/main.yml b/roles/ca-cert/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: handler update-ca-certificates
+  shell:
+    cmd: update-ca-certificates
diff --git a/roles/ca-cert/meta/main.yml b/roles/ca-cert/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+  - { role: pkgmanager }
diff --git a/roles/ca-cert/tasks/configs.yml b/roles/ca-cert/tasks/configs.yml
@@ -0,0 +1,12 @@
+- name: config custom ca certificates
+  copy:
+    content: "{{ item.value }}"
+    dest: "/usr/local/share/ca-certificates/{{ item.key }}.pem"
+    owner: root
+    group: root
+    mode: '0644'
+  with_dict: "{{ ca_cert }}"
+  notify:
+    - handler update-ca-certificates
+
+- meta: flush_handlers
diff --git a/roles/ca-cert/tasks/main.yml b/roles/ca-cert/tasks/main.yml
@@ -0,0 +1,2 @@
+- import_tasks: packages.yml
+- import_tasks: configs.yml
diff --git a/roles/ca-cert/tasks/packages.yml b/roles/ca-cert/tasks/packages.yml
@@ -0,0 +1,3 @@
+- name: pkg
+  apt:
+    name: ca-certificates
diff --git a/roles/common-tweaks/meta/main.yml b/roles/common-tweaks/meta/main.yml
@@ -2,6 +2,7 @@ dependencies:
   - { role: user, when: ansible_distribution == "Ubuntu" }
   - { role: pkgmanager }
   - { role: tzdata }
+  - { role: ca-cert }
   - { role: systemd }
   - { role: apparmor }
   - { role: tuxedo, when: ansible_system_vendor == "TUXEDO" }

diff --git a/roles/ubuntu-devserver/meta/main.yml b/roles/ubuntu-devserver/meta/main.yml
@@ -1,6 +1,4 @@
 dependencies:
-  - { role: bind }
-  - { role: resolv }
   - { role: docker }
   - { role: openvpn }
   - { role: tailscale }