Managing CA Certs.
MIT / BSD
- Made and maintained by: Kasra Amirsarvari
- Ansible Galaxy community author: https://galaxy.ansible.com/caseraw
- Dockerhub community user: https://hub.docker.com/u/caseraw
- Ensure a package manager is available and configured with the correct package sources and repositories.
- Ensure privileged permissions are set for the user executing this role to:
- Install packages.
- Update system certificate files and trusts.
N/A
Compatible with the following list of operating systems:
- CentOS 7
- CentOS 8
- RHEL 7.x
- RHEL 8.x
| Variable name | Description |
|---|---|
| role_cacerts_required_package_list | A per distribution package list. |
| role_cacerts_required_packages | Rendered list of distribution package list. |
| role_cacerts_cert_list | List of CA certificates to deploy or to remove. |
---
- name: Manage CA certs
become: True
gather_facts: True
tasks:
- import_role:
name: ansible_role_cacerts
vars:
role_cacerts_required_package_list:
RedHat_7:
- ca-certificates
RedHat_8:
- ca-certificates
role_cacerts_required_packages: '{{ role_cacerts_required_package_list[ansible_distribution + "_" + ansible_distribution_major_version] | default([]) }}'
role_cacerts_cert_list:
- src: 'example.crt'
dest: '/etc/pki/ca-trust/source/anchors/example.crt'
type: file
state: pesent
- src: 'https://certs.example.com/example.crt'
dest: '/etc/pki/ca-trust/source/anchors/example.crt'
type: url
validate_certs: False
state: pesent
...N/A
N/A
This role is locally tested with the use of Molecule, the configuration is located at: molecule/default.
The Molecule tests are run (using the docker driver) on Dockerhub images built for this purpose:
This role uses Travis CI to run online tests with the use of Molecule and pushes notifications to import the role into Ansible Galaxy once the tests are successful. The Travis CI configuration is located at the root of the Ansible role .travis.yml
- GitHub repository: https://github.com/Caseraw/ansible_role_cacerts
- Travis CI build status: https://travis-ci.org/Caseraw/ansible_role_cacerts
- Ansible Galaxy role: https://galaxy.ansible.com/caseraw/ansible_role_cacerts