From 0bcb4b89b6f1282cd93e816aef0713c324109936 Mon Sep 17 00:00:00 2001
From: Blallo
Date: Sun, 24 Jan 2021 18:30:36 +0100
Subject: [PATCH] Optional tld

When updating /etc/hosts to add the hosts in the inventory, also add the name postfixed with a configurable tld.
---
 defaults/main.yml | 1 +
 inventory.yml | 1 +
 tasks/generate-server-cert.yaml | 2 +-
 tasks/populate-etc-hosts.yaml | 2 +-
 4 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index d975f0e..5fb192b 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -50,3 +50,4 @@ gen_tls_server_enable_san: true
 # POPULATE /etc/hosts
 # -------------------
 gen_tls_populate_etc_hosts: false
+# gen_tls_tld:
diff --git a/inventory.yml b/inventory.yml
index d0b3a0e..bfdf34b 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -17,3 +17,4 @@ all:
 gen_tls_ca_organization: Example Inc.
 gen_tls_ca_organizationalunit: SysAdmins
 gen_tls_populate_etc_hosts: yes
+ gen_tls_tld: example
diff --git a/tasks/generate-server-cert.yaml b/tasks/generate-server-cert.yaml
index 025ae36..88ba6a7 100644
--- a/tasks/generate-server-cert.yaml
+++ b/tasks/generate-server-cert.yaml
@@ -58,7 +58,7 @@
 path: "{{ gen_tls_cert_dir }}/{{ inventory_hostname_short }}.csr"
 privatekey_path: "{{ gen_tls_cert_dir }}/{{ inventory_hostname_short }}.key"
 common_name: "{{inventory_hostname_short}}"
- subject_alt_name: "DNS:{{inventory_hostname}},DNS:{{inventory_hostname_short}},IP:{{(alt_interface_ip is defined) | ternary(alt_interface_ip, ansible_default_ipv4.address)}},IP:0.0.0.0,IP:127.0.0.1"
+ subject_alt_name: "{% if gen_tls_tld is defined %}DNS:{{ inventory_hostname_short }}.{{ gen_tls_tld }},{% endif %}DNS:{{inventory_hostname}},DNS:{{inventory_hostname_short}},IP:{{(alt_interface_ip is defined) | ternary(alt_interface_ip, ansible_default_ipv4.address)}},IP:0.0.0.0,IP:127.0.0.1"
 when:
 - not server_csr.stat.exists
 - gen_tls_generate_server_cert
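Review bot: Uncommenting the placeholder `# gen_tls_tld:` in defaults/main.yml exactly as written defines the variable as null, and a null value still passes the `gen_tls_tld is defined` tests this commit adds in tasks/generate-server-cert.yaml and tasks/populate-etc-hosts.yaml. The SAN entry and the hosts alias would then be rendered with an empty or junk label after the dot (the exact text depends on how the templating renders null). Testing the value rather than its existence avoids this in both templates: `{% if gen_tls_tld | default('', true) %}`. The placeholder would also read better with a one-line comment saying the value is optional and is appended as `<short hostname>.<tld>` to the server certificate SAN and to the /etc/hosts entry.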
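Review bot: Hosts that already have a CSR will never receive the new `DNS:{{ inventory_hostname_short }}.{{ gen_tls_tld }}` entry in tasks/generate-server-cert.yaml, because the task is still guarded by `not server_csr.stat.exists` (visible in the trailing context). Meanwhile tasks/populate-etc-hosts.yaml starts publishing that name on the next run. Clients connecting to `<host>.<tld>` would then be served a certificate without a matching SAN, and the usual workaround for that is to switch verification off. A comment above the task such as `# SAN is fixed at CSR creation; reissue the CSR and certificate after setting or changing gen_tls_tld` would make the constraint explicit. The task begins above the hunk, so any other regeneration path is not visible here.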
diff --git a/tasks/populate-etc-hosts.yaml b/tasks/populate-etc-hosts.yaml
index 184d712..9d9d626 100644
--- a/tasks/populate-etc-hosts.yaml
+++ b/tasks/populate-etc-hosts.yaml
@@ -4,7 +4,7 @@
 lineinfile:
 dest: /etc/hosts
 regexp: '.*{{ item }}$'
- line: "{{ hostvars[item].ansible_host }} {{item}}"
+ line: "{{ hostvars[item].ansible_host }} {{item}}{% if gen_tls_tld is defined %} {{ item }}.{{ gen_tls_tld }}{% endif %}"
 state: present
 when: hostvars[item].ansible_host is defined
 loop: "{{ groups.all }}"
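Review bot: With the tld set, the new `line:` ends in `{{ item }}.{{ gen_tls_tld }}`, but the unchanged `regexp: '.*{{ item }}$'` only matches lines that end in the bare host name, so the task no longer finds the line it wrote itself. A later change of `ansible_host` or of the tld would then most likely append a second entry and leave the stale address in /etc/hosts instead of replacing it. The pattern is also unanchored and unescaped, so it can match another host whose name merely ends in the same string. Matching on the name field keeps the task idempotent: `regexp: '^\S+\s+{{ item | regex_escape }}(\s|$)'`. The task's `name:` line is above the hunk.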