fix linter errors

2021-07-16 20:50:05 +02:00 · 2021-07-16 20:50:05 +02:00 · aa1de02b8c
commit aa1de02b8c
parent 30fc930c4d
6 changed files with 43 additions and 20 deletions
--- a/tasks/ownca_cert.yml
+++ b/tasks/ownca_cert.yml
@ -1,8 +1,10 @@
 - include_tasks: common_cert.yml

- set_fact:
+- name: store ca base path
+  set_fact:
    capath: "{{ cert_backend.basepath }}/{{ cert_backend.name }}"
- set_fact:
+- name: store ca sub paths
+  set_fact:
    cacertpath: "{{ capath }}/ca.crt"
    cakeypath: "{{ capath }}/ca.key"
    cacsrpath: "{{ capath }}/ca.csr"
@ -81,6 +83,9 @@
    copy:
      content: "{{ csrfile.content | b64decode }}"
      dest: "{{ remotecsrpath }}"
+      mode: 0644
+      owner: root
+      group: root
  - name: "sign certificate for {{ certname }}"
    register: casignedsign
    openssl_certificate:
@ -100,10 +105,16 @@
  copy:
    content: "{{ crtfile.content | b64decode }}"
    dest: "{{ cert.certpath }}"
+    mode: 0644
+    owner: root
+    group: root
 - name: "write ca ({{ certname }})"
  copy:
    content: "{{ cafile.content | b64decode }}"
    dest: "{{ cert.capath }}"
+    mode: 0644
+    owner: root
+    group: root
 - name: "generate concatinated versions (chain) for {{ certname }}"
  copy:
    content: "{{ crtfile.content | b64decode }}{{ cafile.content | b64decode }}"
@ -119,7 +130,8 @@
    owner: root
    group: ssl-cert

- set_fact:
+- name: store if the cert was changed
+  set_fact:
    certchanged: "{{ casignedsign is changed }}"
 - name: handle postflight
  include: common_post.yml