From d2fa1b290a430538187d261ac8508039da8bc441 Mon Sep 17 00:00:00 2001 From: Jason Rothstein Date: Sun, 23 Jan 2022 17:07:18 -0600 Subject: [PATCH] Allow choice in TLS Certificate from mod_md --- README.md | 4 +++- defaults/main.yml | 3 ++- .../Fedora/34/usr/lib/systemd/system/mariadb-copytls.service | 2 +- .../Fedora/35/usr/lib/systemd/system/mariadb-copytls.service | 2 +- 4 files changed, 7 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 225dd44..8b230d9 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,9 @@ Any pre-requisites that may not be covered by Ansible itself or the role should Role Variables -------------- -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. +| variable | default | description | +|-|-|-| +| mariadb_vhost | inventory_hostname | What mod_md certificate should be used for MariaDB | Dependencies ------------ diff --git a/defaults/main.yml b/defaults/main.yml index 919c492..4eadb0c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,2 +1,3 @@ --- -# defaults file for ensure_mariadb \ No newline at end of file +# defaults file for ensure_mariadb +mariadb_vhost: '{{ inventory_hostname }}' diff --git a/templates/Fedora/34/usr/lib/systemd/system/mariadb-copytls.service b/templates/Fedora/34/usr/lib/systemd/system/mariadb-copytls.service index 625bdd1..3f63078 100644 --- a/templates/Fedora/34/usr/lib/systemd/system/mariadb-copytls.service +++ b/templates/Fedora/34/usr/lib/systemd/system/mariadb-copytls.service @@ -4,7 +4,7 @@ Description=Copy TLS Certificates for Mariadb [Service] Type=oneshot ExecStartPre=mkdir -p /etc/my.cnf.d/certificates -ExecStart=/bin/bash -lc 'cp /etc/httpd/md/domains/*/*.pem /etc/my.cnf.d/certificates/' +ExecStart=/bin/bash -lc 'cp /etc/httpd/md/domains/{{ mariadb_vhost }}/*.pem /etc/my.cnf.d/certificates/' ExecStartPost=chown -R mysql:mysql /etc/my.cnf.d/certificates [Install] diff --git a/templates/Fedora/35/usr/lib/systemd/system/mariadb-copytls.service b/templates/Fedora/35/usr/lib/systemd/system/mariadb-copytls.service index 625bdd1..3f63078 100644 --- a/templates/Fedora/35/usr/lib/systemd/system/mariadb-copytls.service +++ b/templates/Fedora/35/usr/lib/systemd/system/mariadb-copytls.service @@ -4,7 +4,7 @@ Description=Copy TLS Certificates for Mariadb [Service] Type=oneshot ExecStartPre=mkdir -p /etc/my.cnf.d/certificates -ExecStart=/bin/bash -lc 'cp /etc/httpd/md/domains/*/*.pem /etc/my.cnf.d/certificates/' +ExecStart=/bin/bash -lc 'cp /etc/httpd/md/domains/{{ mariadb_vhost }}/*.pem /etc/my.cnf.d/certificates/' ExecStartPost=chown -R mysql:mysql /etc/my.cnf.d/certificates [Install]