4ec24ec344
* Add support for obtain ECDSA keys * Replace matrix_ssl_lets_encrypt_use_ecdsa_keys for matrix_ssl_lets_encrypt_key_type
37 lines
1.1 KiB
YAML
37 lines
1.1 KiB
YAML
---
|
|
|
|
- name: Fail if using unsupported SSL certificate retrieval method
|
|
fail:
|
|
msg: "The `matrix_ssl_retrieval_method` variable contains an unsupported value"
|
|
when: "matrix_ssl_retrieval_method not in ['lets-encrypt', 'self-signed', 'manually-managed', 'none']"
|
|
|
|
- name: Fail if using unsupported private key type
|
|
fail:
|
|
msg: "The `matrix_ssl_lets_encrypt_key_type` variable contains an unsupported value"
|
|
when: "matrix_ssl_lets_encrypt_key_type not in ['rsa', 'ecdsa']"
|
|
|
|
|
|
# Common tasks, required by almost any method below.
|
|
|
|
- name: Ensure SSL certificate paths exists
|
|
file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
mode: 0770
|
|
owner: "{{ matrix_user_username }}"
|
|
group: "{{ matrix_user_groupname }}"
|
|
recurse: true
|
|
with_items:
|
|
- "{{ matrix_ssl_log_dir_path }}"
|
|
- "{{ matrix_ssl_config_dir_path }}"
|
|
when: "matrix_ssl_retrieval_method != 'none'"
|
|
|
|
|
|
# Method specific tasks follow
|
|
|
|
- import_tasks: tasks/ssl/setup_ssl_lets_encrypt.yml
|
|
|
|
- import_tasks: tasks/ssl/setup_ssl_self_signed.yml
|
|
|
|
- import_tasks: tasks/ssl/setup_ssl_manually_managed.yml
|