- name: create sign user
|
|
user:
|
|
name: sign
|
|
shell: /usr/local/bin/ca-shell
|
|
|
|
- name: create request user
|
|
user:
|
|
name: request
|
|
shell: /usr/local/bin/ca-server
|
|
|
|
- name: install ca packages
|
|
apt:
|
|
name: "{{ item }}"
|
|
state: present
|
|
update_cache: yes
|
|
cache_valid_time: 3600
|
|
install_recommends: '{{ install_recommends | default("no") }}'
|
|
with_items:
|
|
- python3
|
|
- python3-pip
|
|
- python3-setuptools
|
|
|
|
- name: install from release
|
|
pip:
|
|
name: https://github.com/LILiK-117bis/ca_manager/tarball/v0.3
|
|
executable: pip3
|
|
|
|
- name: create /var/lib/ca_manager
|
|
file:
|
|
path: /var/lib/ca_manager
|
|
owner: sign
|
|
group: sign
|
|
mode: 0751
|
|
state: directory
|
|
|
|
- name: set outputs permissions
|
|
file:
|
|
path: /var/lib/ca_manager/outputs
|
|
owner: sign
|
|
group: sign
|
|
mode: 0751
|
|
state: directory
|
|
|
|
- name: set private permissions
|
|
file:
|
|
path: /var/lib/ca_manager/private
|
|
owner: sign
|
|
group: sign
|
|
mode: 0700
|
|
state: directory
|
|
|
|
- name: set requests permissions
|
|
file:
|
|
path: /var/lib/ca_manager/requests
|
|
owner: sign
|
|
group: request
|
|
mode: 0730
|
|
state: directory
|
|
|
|
- name: set results permissions
|
|
file:
|
|
path: /var/lib/ca_manager/results
|
|
owner: sign
|
|
group: sign
|
|
mode: 0751
|
|
state: directory
|