From 71aefcc229f999f92b25e51b9444b313d95fbc86 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Wed, 18 May 2016 00:10:50 +0200
Subject: Add an ansible module 'fetch_cmd' to fetch the output of a remote
 command locally.

And use this to fetch all X.509 leaf certificates.
---
 roles/MX/tasks/main.yml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'roles/MX')

diff --git a/roles/MX/tasks/main.yml b/roles/MX/tasks/main.yml
index 6ca11c0..62ffa02 100644
--- a/roles/MX/tasks/main.yml
+++ b/roles/MX/tasks/main.yml
@@ -82,10 +82,9 @@
   # Ensure we don't fetch private data
   become: False
   # `/usr/sbin/postmulti -i mx -x /usr/sbin/postconf -xh smtpd_tls_cert_file`
-  fetch: src=/etc/postfix/ssl/mx.fripost.org.pem
-         dest=certs/public/mx{{ mxno | default('') }}.fripost.org.pem
-         fail_on_missing=yes
-         flat=yes
+  fetch_cmd: cmd="openssl x509"
+             stdin=/etc/postfix/ssl/mx.fripost.org.pem
+             dest=certs/public/mx{{ mxno | default('') }}.fripost.org.pem
   tags:
     - genkey
 
-- 
cgit v1.2.3