Parametrize remote directories

defaults/main.yml

@@ -3,6 +3,8 @@
 generate_tls_certs: true
 # Do not put trailing slash "/"
 cert_dir: ./certs
+remote_certs_dir: /etc/ssl
+remote_ca_certs_dir: /etc/ssl/certs
 generate_ca_cert: false
 generate_client_cert: false
 generate_server_cert: false

tasks/generate-ca-cert.yaml

@@ -56,7 +56,7 @@
 - name: Copy the CA certificate to the remote machine
   copy:
     src: "{{ cert_dir }}/{{ tls_ca_cert }}"
-    dest: /etc/ssl/certs/
+    dest: "{{ remote_ca_certs_dir }}"
     mode: 0644
     owner: root
     group: root

tasks/generate-client-cert.yaml

@@ -4,7 +4,7 @@
   file:
     state: directory
     recurse: yes
-    path: "/etc/ssl/{{ item.path }}"
+    path: "{{ remote_certs_dir }}/{{ item.path }}"
     mode: "{{ item.mode }}"
     owner: root
     group: root
@@ -32,7 +32,7 @@
   become: yes
   copy:
     src: "{{ cert_dir }}/{{ tls_client_key}}"
-    dest: /etc/ssl/local/certs/
+    dest: "{{ remote_certs_dir }}/local/certs/"
     mode: 0644
     owner: root
     group: root
@@ -80,7 +80,7 @@
   become: yes
   copy:
     src: "{{ cert_dir }}/{{ tls_client_cert }}"
-    dest: /etc/ssl/local/private
+    dest: "{{ remote_certs_dir }}/local/private"
     mode: 0600
     owner: root
     group: root

tasks/generate-server-cert.yaml

@@ -4,7 +4,7 @@
   file:
     state: directory
     recurse: yes
-    path: "/etc/ssl/{{ item.path }}"
+    path: "{{ remote_certs_dir }}/{{ item.path }}"
     mode: "{{ item.mode }}"
     owner: root
     group: root
@@ -29,7 +29,7 @@
   become: yes
   copy:
     src: "{{ cert_dir }}/{{ inventory_hostname_short }}.key"
-    dest: /etc/ssl/local/certs/
+    dest: "{{ remote_certs_dir }}/local/certs/"
     mode: 0644
     owner: root
     group: root
@@ -89,7 +89,7 @@
   become: yes
   copy:
     src: "{{ cert_dir }}/{{ inventory_hostname_short }}.pem"
-    dest: /etc/ssl/local/private
+    dest: "{{ remote_certs_dir }}/local/private"
     mode: 0600
     owner: root
     group: root