Hello,
Thanks to you suggestion, I re-factored my code and putting the variables
into vars/meddle.yml :
- ssl_certs:
- mailgate:
key: '/etc/ssl/private/letsencrypt_meddle.example.com_mailgate.key'
csr: '/tmp/letsencrypt_meddle.example.com_mailgate.csr'
crt: '/etc/ssl/certs/letsencrypt_meddle.example.com_mailgate.pem'
fullchain_crt:
'/etc/ssl/certs/letsencrypt_meddle.example.com_mailgate_fullchain.pem'
email: '[email protected]'
subjectAltName:
'DNS:mail.example.com,DNS:smtp.example.com,DNS:imap.example.com'
- http:
key: '/etc/ssl/private/letsencrypt_meddle.example.com_http.key'
csr: '/tmp/letsencrypt_meddle.example.com_http.csr'
crt: '/etc/ssl/certs/letsencrypt_meddle.example.com_http.pem'
fullchain_crt:
'/etc/ssl/certs/letsencrypt_meddle.example.com_http_fullchain.pem'
email: '[email protected]'
subjectAltName:
'DNS:example.com,DNS:www.example.com,DNS:webmail.example.com,DNS:photo.example.com'
The playbook looks now like this :
---
- name: test certificate creation
hosts: meddle
strategy: debug
vars_files:
- "vars/defaults.yml"
- "vars/meddle.yml"
roles:
- { role: sslcert, ssl_cert: ssl_certs.mailgate }
- { role: sslcert, ssl_cert: ssl_certs.http }
But unfortunately this doesn't work : my variable "ssl_cert" does not
contain what I expect :
TASK [sslcert : check if the private key exists]
*******************************
fatal: [meddle]: FAILED! => {"failed": true, "msg": "the field 'args' has
an invalid value, which appears to include a variable that is undefined.
The error was: 'ansible.parsing.yaml.objects.AnsibleUnicode object' has no
attribute 'key'\n\nThe error appears to have been in
'/etc/ansible/roles/sslcert/tasks/main.yml': line 25, column 3, but may\nbe
elsewhere in the file depending on the exact syntax problem.\n\nThe
offending line appears to be:\n\n\n- name: check if the private key
exists\n ^ here\n"}
Debugger invoked
(debug) p vars['ssl_cert']
u'ssl_certs.mailgate'
(debug) p vars['ssl_certs']
[{u'mailgate': {u'crt':
u'/etc/ssl/certs/letsencrypt_meddle.example.com_mailgate.pem',
u'csr': u'/tmp/letsencrypt_meddle.example.com_mailgate.csr',
u'email': u'[email protected]',
u'fullchain_crt':
u'/etc/ssl/certs/letsencrypt_meddle.example.com_mailgate_fullchain.pem',
u'key':
u'/etc/ssl/private/letsencrypt_meddle.example.com_mailgate.key',
u'subjectAltName':
u'DNS:mail.example.com,DNS:smtp.example.com,DNS:imap.example.com'}},
{u'http': {u'crt':
u'/etc/ssl/certs/letsencrypt_meddle.example.com_http.pem',
u'csr': u'/tmp/letsencrypt_meddle.example.com_http.csr',
u'email': u'[email protected]',
u'fullchain_crt':
u'/etc/ssl/certs/letsencrypt_meddle.example.com_http_fullchain.pem',
u'key':
u'/etc/ssl/private/letsencrypt_meddle.example.com_http.key',
u'subjectAltName':
u'DNS:example.com,DNS:www.example.com,DNS:webmail.example.com,DNS:photo.example.com'}}]
Where am I wrong ???
Thanks,
Eric
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/090f0db7-8ac8-46ee-a0cb-6258aa728c50%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
