Make genkeypair.sh able to display TXT record for DKIM signatures.

author: Guilhem Moulin <guilhem@fripost.org> 2014-06-28 22:37:14 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2015-06-07 02:52:05 +0200
commit: 9692d409658ce552ab3e0d9f41aadca1c7bcb407 (patch)
tree: c4bbed5b3f7023c7fcdc464e11d571668dc5290c /roles/common/tasks
parent: a0b0b6de279d37641dd1eeb374e52d6fce73ab1d (diff)
2 files changed, 5 insertions, 2 deletions
diff --git a/roles/common/tasks/ipsec.yml b/roles/common/tasks/ipsec.yml
index 5e0115e..d773c1c 100644
--- a/roles/common/tasks/ipsec.yml
+++ b/roles/common/tasks/ipsec.yml
@@ -1,8 +1,9 @@
 - name: Install strongSwan
   apt: pkg=strongswan-ikev2
 
-- name: Generate a key pair for IPSec
-  command: genkeypair.sh --pubkey=/etc/ipsec.d/certs/{{ inventory_hostname }}.pem
+- name: Generate a private key and a X.509 certificate for IPSec
+  command: genkeypair.sh x509
+                         --pubkey=/etc/ipsec.d/certs/{{ inventory_hostname }}.pem
                          --privkey=/etc/ipsec.d/private/{{ inventory_hostname }}.key
                          --dns {{ inventory_hostname }}
                          -t ecdsa -b secp521r1 -h sha512
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index f24a2c9..0048443 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -14,6 +14,8 @@
         dest=/usr/local/bin/genkeypair.sh
         owner=root group=root
         mode=0755
+  tags:
+    - genkeypair
 - include: ipsec.yml    tags=strongswan,ipsec
 - include: logging.yml  tags=logging
 - include: ntp.yml      tags=ntp
author	Guilhem Moulin <guilhem@fripost.org>	2014-06-28 22:37:14 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2015-06-07 02:52:05 +0200
commit	9692d409658ce552ab3e0d9f41aadca1c7bcb407 (patch)
tree	c4bbed5b3f7023c7fcdc464e11d571668dc5290c /roles/common/tasks
parent	a0b0b6de279d37641dd1eeb374e52d6fce73ab1d (diff)