On Thursday, 23 August 2018 20.22.39 CEST Dave Cottlehuber wrote:
> hi,
>
> I've 3 files on a remote server after acme let's encrypt dns-01 process, that
> need to be concatenated in a specific order (private.key intermediate.cert
> public.cert ) for my TLS proxy, on the same system.
>
> - the assemble module seems ideal but it doesn't enforce order,
It sort of does it's string sorting order.
> and it bundles a given directory, not specific files
You have regexp to filter out only the files you want, but yes they need to be
in the same directory.
> - using fetch module and jinja ends up with a local copy of a private key
> which I'd rather avoid
You have slurp module, then the information is only in memory, but when you use
copy module afterwards it might touch the disk, I'm not sure how Ansible is
does it.
> - the easiest option (shell script) is not a way to learn new tricks in
> ansible :D
Sometimes that is you best and/or only option ;-)
> Does anybody have suggestions on using some of the new features in loops to
> achieve this somehow?
I would probably just do
- shell: cat {{ config.domain }}.crt intermediate.crt {{ config.domain }}.key
>/usr/local/etc/ssl/acme/{{ config.domain }}.all
args:
chdir: /usr/local/etc/ssl/acme
> BTW this is what I currently tried; the copy/content block doesn't work yet
> as I've not figured out the correct way inside a jinja template to use {{
> item }} inside the lookup:
>
> - name: acme | fetch certificates for concatenation
> fetch:
> src: "/usr/local/etc/ssl/acme/{{ item }}"
> dest: "{{ config.domain }}/certs/{{ item }}"
> with_items:
> - "{{ config.domain }}.crt"
> - "intermediate.crt"
> - "{{ config.domain }}.key"
> tags:
> - acme
> - concatenate
>
> - name: acme | concatenate certs for haproxy
> copy:
> content: >
> {{ lookup('file', "{{ config.domain }}/certs/{{ item }}") }}
> {{ lookup('file', "{{ config.domain }}/certs/{{ item }}") }}
> {{ lookup('file', "{{ config.domain }}/certs/{{ item }}") }}
You can't use {{}} inside {{}} since you already are in template mode, so you
need to use concatenation.
{{ lookup('file', config.domain ~ '/certs/' ~ item) }}
--
Kai Stian Olstad
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/3036468.KgZU9aBJcW%40x1.
For more options, visit https://groups.google.com/d/optout.
