Optional tld

When updating /etc/hosts to add the hosts in the inventory, also add the name
suffixed with a configurable TLD.
master
blallo 2021-01-24 18:30:36 +01:00
parent f485128919
commit 0bcb4b89b6
Signed by: blallo
GPG Key ID: 0CBE577C9B72DC3F
4 changed files with 4 additions and 2 deletions


@ -50,3 +50,4 @@ gen_tls_server_enable_san: true
# POPULATE /etc/hosts
# -------------------
gen_tls_populate_etc_hosts: false
# gen_tls_tld:
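Review bot: The commented placeholder `# gen_tls_tld:` says nothing about what value is expected or what leaving it unset does. I would document it in place, for example `# gen_tls_tld: example  # optional; adds <short hostname>.<tld> to /etc/hosts and to the server CSR SAN; no leading dot`. The comment should also say that the variable must stay undefined to disable the feature, because the templates changed elsewhere in this commit test `gen_tls_tld is defined` rather than its value.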


@ -17,3 +17,4 @@ all:
gen_tls_ca_organization: Example Inc.
gen_tls_ca_organizationalunit: SysAdmins
gen_tls_populate_etc_hosts: yes
gen_tls_tld: example


@ -58,7 +58,7 @@
path: "{{ gen_tls_cert_dir }}/{{ inventory_hostname_short }}.csr"
privatekey_path: "{{ gen_tls_cert_dir }}/{{ inventory_hostname_short }}.key"
common_name: "{{inventory_hostname_short}}"
subject_alt_name: "DNS:{{inventory_hostname}},DNS:{{inventory_hostname_short}},IP:{{(alt_interface_ip is defined) | ternary(alt_interface_ip, ansible_default_ipv4.address)}},IP:0.0.0.0,IP:127.0.0.1"
subject_alt_name: "{% if gen_tls_tld is defined %}DNS:{{ inventory_hostname_short }}.{{ gen_tls_tld }},{% endif %}DNS:{{inventory_hostname}},DNS:{{inventory_hostname_short}},IP:{{(alt_interface_ip is defined) | ternary(alt_interface_ip, ansible_default_ipv4.address)}},IP:0.0.0.0,IP:127.0.0.1"
when:
- not server_csr.stat.exists
- gen_tls_generate_server_cert
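Review bot: The `gen_tls_tld is defined` test in the new `subject_alt_name` also passes for an empty or null value (what you get if the `# gen_tls_tld:` placeholder is uncommented without a value), so the CSR would request a malformed DNS name; test the value rather than its existence, `{% if gen_tls_tld | default('', true) %}`, and the same applies to the /etc/hosts `line:` in the last file. The value is spliced into a comma-separated SAN string, so a preceding assert that it contains only DNS label characters would keep a typo from changing the list of names in the certificate. Since the task still runs only `when: not server_csr.stat.exists`, hosts that already have a CSR will presumably keep certificates without the new name while /etc/hosts starts advertising it. The task begins above the visible lines.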


@ -4,7 +4,7 @@
lineinfile:
dest: /etc/hosts
regexp: '.*{{ item }}$'
line: "{{ hostvars[item].ansible_host }} {{item}}"
line: "{{ hostvars[item].ansible_host }} {{item}}{% if gen_tls_tld is defined %} {{ item }}.{{ gen_tls_tld }}{% endif %}"
state: present
when: hostvars[item].ansible_host is defined
loop: "{{ groups.all }}"
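Review bot: With a TLD set, the new `line:` ends in `{{ item }}.{{ gen_tls_tld }}`, but the unchanged `regexp: '.*{{ item }}$'` only matches lines ending in the bare name, so it no longer matches the entry this task wrote. If `ansible_host` or the TLD later changes, lineinfile will append a second entry and leave the stale one in place, and the resolver will normally keep using the first match. Match the name as a whole field instead, e.g. `regexp: '^\S+\s+{{ item | regex_escape }}(\s|$)'`, which also stops a short name from matching a longer hostname with the same ending. The task's name line is above the visible lines.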