wibble

author: Guilhem Moulin <guilhem@fripost.org> 2015-06-03 19:13:04 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2015-06-07 02:54:12 +0200
commit: 8c0f57af454b65e7d01e48a62649bf3886cade46 (patch)
tree: f0dc4e6c90e68370c2bf1b7f500e8044d8423c13 /roles
parent: 9eb84317dd1ecca2f43cb4d5ffa940753eb5984a (diff)
2 files changed, 2 insertions, 4 deletions
diff --git a/roles/IMAP-proxy/tasks/main.yml b/roles/IMAP-proxy/tasks/main.yml
index a75a612..18ad4d6 100644
--- a/roles/IMAP-proxy/tasks/main.yml
+++ b/roles/IMAP-proxy/tasks/main.yml
@@ -47,42 +47,41 @@
   apt: pkg=stunnel4
 
 - name: Auto-enable stunnel
   lineinfile: dest=/etc/default/stunnel4
               regexp='^(\s*#)?\s*ENABLED='
               line='ENABLED=1'
               owner=root group=root
               mode=0644
 
 - name: Create /etc/stunnel/certs
   file: path=/etc/stunnel/certs
         state=directory
         owner=root group=root
         mode=0755
 
 - name: Copy Dovecot's X.509 certificate
   # XXX: it's unfortunate that we have to store the whole CA chain...
   # for some reason stunnel's level 4 "verify" (CA chain and only verify
   # peer certificate) doesn't always work:
   # https://www.stunnel.org/pipermail/stunnel-users/2013-July/004249.html
-  assemble: src=certs/dovecot
-            remote_src=no
+  assemble: src=certs/dovecot remote_src=no
             dest=/etc/stunnel/certs/imap.fripost.org.pem
             owner=root group=root
             mode=0644
   register: r1
   notify:
     - Restart stunnel
 
 - name: Copy slapd's X.509 certificate
   copy: src=certs/ldap/ldap.fripost.org.pem
         dest=/etc/stunnel/certs/ldap.fripost.org.pem
         owner=root group=root
         mode=0644
   register: r2
   notify:
     - Restart stunnel
 
 - name: Configure stunnel
   copy: src=etc/stunnel/imap.conf
         dest=/etc/stunnel/imap.conf
         owner=root group=root
diff --git a/roles/common-LDAP/tasks/main.yml b/roles/common-LDAP/tasks/main.yml
index 5c15cc8..aa2f721 100644
--- a/roles/common-LDAP/tasks/main.yml
+++ b/roles/common-LDAP/tasks/main.yml
@@ -59,42 +59,41 @@
          fail_on_missing=yes
          flat=yes
   with_items:
     - { group: 'LDAP-provider', name: ldap.fripost.org }
     - { group: 'MX',            name: mx               }
     - { group: 'lists',         name: lists            }
   when: "item.group in group_names"
   tags:
     - genkey
 
 - name: Copy the SyncProv's server certificate
   copy: src=certs/ldap/ldap.fripost.org.pem
         dest=/etc/ldap/ssl/ldap.fripost.org.pem
         owner=root group=root
         mode=0644
   when: "'LDAP-provider' not in group_names"
   tags:
     - genkey
 
 - name: Copy the SyncRepls's client certificates
-  assemble: src=certs/ldap
-            remote_src=no
+  assemble: src=certs/ldap remote_src=no
             dest=/etc/ldap/ssl/clients.pem
             owner=root group=root
             mode=0644
   when: "'LDAP-provider' in group_names"
   tags:
     - genkey
 
 - name: Start slapd
   service: name=slapd state=started
   when: not (r1.changed or r2.changed)
 
 - meta: flush_handlers
 
 - name: Copy fripost & amavis' schema
   copy: src=etc/ldap/schema/{{ item }}
         dest=/etc/ldap/schema/{{ item }}
         owner=root group=root
         mode=0644
   # It'd certainly be nicer if we didn't have to deploy amavis' schema
   # everywhere, but we need the 'objectClass' in our replicates, hence
author	Guilhem Moulin <guilhem@fripost.org>	2015-06-03 19:13:04 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2015-06-07 02:54:12 +0200
commit	8c0f57af454b65e7d01e48a62649bf3886cade46 (patch)
tree	f0dc4e6c90e68370c2bf1b7f500e8044d8423c13 /roles
parent	9eb84317dd1ecca2f43cb4d5ffa940753eb5984a (diff)