From 03bc468e0dab47c9720d3ffa78ab3880d11870b5 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Wed, 2 Dec 2015 23:14:30 +0100
Subject: Automatically fetch X.509 certificates, and add them to git.

---
 roles/git/tasks/cgit.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'roles/git/tasks')

diff --git a/roles/git/tasks/cgit.yml b/roles/git/tasks/cgit.yml
index a8be1fc..27e0554 100644
--- a/roles/git/tasks/cgit.yml
+++ b/roles/git/tasks/cgit.yml
@@ -109,3 +109,13 @@
   when: not (r1.changed or r2.changed or r3.changed)
 
 - meta: flush_handlers
+
+- name: Fetch Nginx's X.509 certificate
+  # Ensure we don't fetch private data
+  sudo: False
+  fetch: src=/etc/nginx/ssl/git.fripost.org.pem
+         dest=certs/public/
+         fail_on_missing=yes
+         flat=yes
+  tags:
+    - genkey
-- 
cgit v1.2.3