triadamaple.blogg.se

If mode is not specified and the destination filesystem object does not exist, the default umask on the system will be used when setting the mode for the newly created filesystem object. Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.Īs of Ansible 1.8, the mode may be specified as a symbolic mode (for example, u+rwx or u=rw,g=r,o=r). You must either add a leading zero so that Ansible’s YAML parser knows it is an octal number (like 0644 or 01777) or quote it (like '644' or '1777') so Ansible receives a string and can do its own conversion from string into number. The permissions the resulting filesystem object should have.įor those used to /usr/bin/chmod remember that modes are actually octal numbers. The below requirements are needed on the host that executes this module.Īcme-tiny >= 4.0.0 (if using the acme provider)Ĭryptography >= 1.6 (if using selfsigned or ownca provider) This module allows one to (re)generate OpenSSL certificates. The ownca provider is intended for generating an OpenSSL certificate signed with your own CA (Certificate Authority) certificate (self-signed certificate). If you are concerned that this could overwrite your existing certificate, consider using the backup option. Please note that the module regenerates existing certificate if it does not match the module’s options, or if it seems to be corrupt. When using FQCNs or when using the collections keyword, the new name 509_certificate should be used to avoid a deprecation warning. From Ansible 2.10 on, it can still be used by the old short name (or by _certificate), which redirects to 509_certificate. When moved to the collection community.crypto, it was renamed to 509_certificate.

Note that this module was called openssl_certificate when included directly in Ansible up to version 2.9. It uses the cryptography python library to interact with OpenSSL. It implements a notion of provider (one of selfsigned, ownca, acme, and entrust) for your certificate. Controlling how Ansible behaves: precedence rules.Collections in the Theforeman Namespace.Collections in the T_systems_mms Namespace.