mirror of https://github.com/trailofbits/algo
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
43 lines
1.0 KiB
YAML
43 lines
1.0 KiB
YAML
---
|
|
|
|
- name: Gather Facts
|
|
setup:
|
|
|
|
- name: Ensure the algo ssh key exist on the server
|
|
authorized_key:
|
|
user: "{{ ansible_ssh_user }}"
|
|
state: present
|
|
key: "{{ lookup('file', '{{ SSH_keys.public }}') }}"
|
|
tags: [ 'cloud' ]
|
|
|
|
- name: Enable IPv6
|
|
set_fact:
|
|
ipv6_support: true
|
|
when: ansible_default_ipv6.gateway is defined
|
|
|
|
- name: Set facts if the deployment in a cloud
|
|
set_fact:
|
|
cloud_deployment: true
|
|
tags: ['cloud']
|
|
|
|
- name: Generate password for the CA key
|
|
local_action:
|
|
module: shell
|
|
openssl rand -hex 16
|
|
become: no
|
|
register: CA_password
|
|
|
|
- name: Define password facts
|
|
set_fact:
|
|
easyrsa_p12_export_password: "{{ p12_export_password|default((ansible_date_time.iso8601_basic|sha1|to_uuid).split('-')[0]) }}"
|
|
easyrsa_CA_password: "{{ CA_password.stdout }}"
|
|
|
|
- name: Define the commonName
|
|
set_fact:
|
|
IP_subject_alt_name: "{{ IP_subject_alt_name }}"
|
|
|
|
- name: Change the algorithm to RSA
|
|
set_fact:
|
|
algo_params: "rsa:2048"
|
|
when: Win10_Enabled is defined and Win10_Enabled == "Y"
|