19 lines
1.7 KiB
YAML
19 lines
1.7 KiB
YAML
- block:
|
|
- name: base | system setup | make sure directory exists
|
|
file:
|
|
path: "/etc/ca-certificates/trust-source/anchors" # required. Path to the file being managed.
|
|
state: directory # not required. choices: absent;directory;file;hard;link;touch. If C(absent), directories will be recursively deleted, and files or symlinks will be unlinked. In the case of a directory, if C(diff) is declared, you will see the files and folders deleted listed under C(path_contents). Note that C(absent) will not cause C(file) to fail if the C(path) does not exist as the state did not change. If C(directory), all intermediate subdirectories will be created if they do not exist. Since Ansible 1.7 they will be created with the supplied permissions. If C(file), without any other options this works mostly as a 'stat' and will return the current state of C(path). Even with other options (i.e C(mode)), the file will be modified but will NOT be created if it does not exist; see the C(touch) value or the M(copy) or M(template) module if you want that behavior. If C(hard), the hard link will be created or changed. If C(link), the symbolic link will be created or changed. If C(touch) (new in 1.4), an empty file will be created if the C(path) does not exist, while an existing file or directory will receive updated file access and modification times (similar to the way C(touch) works from the command line).
|
|
|
|
- name: base | system setup | get step-ca certificate
|
|
get_url:
|
|
url: "https://step-ca.universe.local/roots.pem"
|
|
dest: "/usr/local/share/certificates/"
|
|
validate_certs: false
|
|
|
|
- name: base | system setup | import step-ca certificate
|
|
command:
|
|
cmd: "update-ca-trust"
|
|
become: yes
|
|
rescue:
|
|
- set_fact: task_failed=true
|