renew_consul_certificates/tasks/configure.yml

---
# task/configure file for renew_consul_certificates
- name: "Configure files for consul certificate renewal"
  become: true
  notify:
    - "systemctl-enable-consul-certs"
    - "systemctl-restart-consul-certs"
  block:
    - name: "Copy consul_config.hcl template"
      ansible.builtin.template:
        src: consul_config.hcl.j2
        dest: "{{ renew_consul_certificates_config_dir }}/consul_config.hcl"
        owner: "{{ renew_consul_certificates_consul_user }}"
        group: "{{ renew_consul_certificates_consul_group }}"
        mode: '0600'

    - name: "Copy consul_ca.pem.tpl template"
      ansible.builtin.template:
        src: consul_ca.pem.tpl.j2
        dest: "{{ renew_consul_certificates_config_dir }}/templates/consul_ca.pem.tpl"
        owner: "{{ renew_consul_certificates_consul_user }}"
        group: "{{ renew_consul_certificates_consul_group }}"
        mode: '0600'

    - name: "Copy consul_cert.pem.tpl template"
      ansible.builtin.template:
        src: consul_cert.pem.tpl.j2
        dest: "{{ renew_consul_certificates_config_dir }}/templates/consul_cert.pem.tpl"
        owner: "{{ renew_consul_certificates_consul_user }}"
        group: "{{ renew_consul_certificates_consul_group }}"
        mode: '0600'

    - name: "Copy consul_cert.key.tpl template"
      ansible.builtin.template:
        src: consul_key.pem.tpl.j2
        dest: "{{ renew_consul_certificates_config_dir }}/templates/consul_key.pem.tpl"
        owner: "{{ renew_consul_certificates_consul_user }}"
        group: "{{ renew_consul_certificates_consul_group }}"
        mode: '0600'

- name: "Configure consul-certs systemd service"
  become: true
  notify:
    - "systemctl-daemon-reload"
  block:
    - name: "Configure consul-certs env file"
      ansible.builtin.template:
        src: consul-certs.env.j2
        dest: "{{ renew_consul_certificates_config_dir }}/consul-certs.env"
        owner: root
        group: root
        mode: '0644'

    - name: "Configure consul-certs systemd service"
      ansible.builtin.template:
        src: consul-certs.service.j2
        dest: /etc/systemd/system/consul-certs.service
        owner: root
        group: root
        mode: '0644'
added skeleton tasks 2023-04-28 21:49:24 +00:00			`---`
almost done, untested yet 2023-04-29 19:46:58 +00:00			`# task/configure file for renew_consul_certificates`
			`- name: "Configure files for consul certificate renewal"`
feat: add vagrant tests, become statements, fix #1 2023-12-02 09:09:56 +00:00			`become: true`
almost done, untested yet 2023-04-29 19:46:58 +00:00			`notify:`
			`- "systemctl-enable-consul-certs"`
			`- "systemctl-restart-consul-certs"`
			`block:`
			`- name: "Copy consul_config.hcl template"`
			`ansible.builtin.template:`
			`src: consul_config.hcl.j2`
			`dest: "{{ renew_consul_certificates_config_dir }}/consul_config.hcl"`
			`owner: "{{ renew_consul_certificates_consul_user }}"`
			`group: "{{ renew_consul_certificates_consul_group }}"`
			`mode: '0600'`

			`- name: "Copy consul_ca.pem.tpl template"`
			`ansible.builtin.template:`
			`src: consul_ca.pem.tpl.j2`
			`dest: "{{ renew_consul_certificates_config_dir }}/templates/consul_ca.pem.tpl"`
			`owner: "{{ renew_consul_certificates_consul_user }}"`
			`group: "{{ renew_consul_certificates_consul_group }}"`
			`mode: '0600'`

			`- name: "Copy consul_cert.pem.tpl template"`
			`ansible.builtin.template:`
			`src: consul_cert.pem.tpl.j2`
			`dest: "{{ renew_consul_certificates_config_dir }}/templates/consul_cert.pem.tpl"`
			`owner: "{{ renew_consul_certificates_consul_user }}"`
			`group: "{{ renew_consul_certificates_consul_group }}"`
			`mode: '0600'`

			`- name: "Copy consul_cert.key.tpl template"`
			`ansible.builtin.template:`
			`src: consul_key.pem.tpl.j2`
			`dest: "{{ renew_consul_certificates_config_dir }}/templates/consul_key.pem.tpl"`
			`owner: "{{ renew_consul_certificates_consul_user }}"`
			`group: "{{ renew_consul_certificates_consul_group }}"`
			`mode: '0600'`

			`- name: "Configure consul-certs systemd service"`
feat: add vagrant tests, become statements, fix #1 2023-12-02 09:09:56 +00:00			`become: true`
almost done, untested yet 2023-04-29 19:46:58 +00:00			`notify:`
			`- "systemctl-daemon-reload"`
added consul reload back, with env variable file 2023-05-05 20:48:57 +00:00			`block:`
			`- name: "Configure consul-certs env file"`
			`ansible.builtin.template:`
			`src: consul-certs.env.j2`
			`dest: "{{ renew_consul_certificates_config_dir }}/consul-certs.env"`
			`owner: root`
			`group: root`
			`mode: '0644'`

			`- name: "Configure consul-certs systemd service"`
			`ansible.builtin.template:`
			`src: consul-certs.service.j2`
			`dest: /etc/systemd/system/consul-certs.service`
			`owner: root`
			`group: root`
			`mode: '0644'`