Added role misc/dhparams
parent
69a0b5fd69
commit
586163c9d0
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
dhparams_local_path: "credentials/{{ inventory_hostname }}/dhparams"
|
||||||
|
dhparams_remote_path: "/etc/dhparams"
|
||||||
|
|
||||||
|
dhparams_size: 4096
|
@ -0,0 +1,3 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
allow_duplicates: no
|
@ -0,0 +1,16 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
# Generate locally because of more randomness & faster generation
|
||||||
|
- name: Generate dh params locally
|
||||||
|
command: openssl dhparam -out {{ dhparams_local_path | quote }} {{ dhparams_size }}
|
||||||
|
args:
|
||||||
|
creates: "{{ dhparams_local_path }}"
|
||||||
|
delegate_to: localhost
|
||||||
|
|
||||||
|
- name: Upload dh params to remote
|
||||||
|
copy:
|
||||||
|
src: "{{ dhparams_local_path }}"
|
||||||
|
dest: "{{ dhparams_remote_path }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rw,g=r,o=r
|
Loading…
Reference in New Issue