From ebab80fc4e8e1999833f9295649766133eb4d6fa Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sat, 28 Jun 2014 23:21:51 +0200
Subject: Generate certs for Dovecot and Nginx if they are not there.

---
 roles/webmail/tasks/roundcube.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'roles/webmail/tasks')

diff --git a/roles/webmail/tasks/roundcube.yml b/roles/webmail/tasks/roundcube.yml
index c737fd1..d79304e 100644
--- a/roles/webmail/tasks/roundcube.yml
+++ b/roles/webmail/tasks/roundcube.yml
@@ -78,11 +78,24 @@
 - name: Start php5-fpm
   service: name=php5-fpm state=started
 
+- name: Generate a private key and a X.509 certificate for Nginx
+  command: genkeypair.sh x509
+                         --pubkey=/etc/nginx/ssl/mail.fripost.org.pem
+                         --privkey=/etc/nginx/ssl/mail.fripost.org.key
+                         --dns mail.fripost.org
+                         -t rsa -b 4096 -h sha512
+  register: r1
+  changed_when: r1.rc == 0
+  failed_when: r1.rc > 1
+  notify:
+    - Restart Nginx
+
 - name: Copy /etc/nginx/sites-available/roundcube
   copy: src=etc/nginx/sites-available/roundcube
         dest=/etc/nginx/sites-available/roundcube
         owner=root group=root
         mode=0644
+  register: r2
   notify:
     - Restart Nginx
 
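Review bot: The key-generation task accepts exit status 1 from `genkeypair.sh` as "nothing to do" (`failed_when: r1.rc > 1`), and no later task checks that `/etc/nginx/ssl/mail.fripost.org.key` exists or who can read it. The script is not part of this diff, so presumably 1 means the files are already present; if it can also return 1 on an ordinary error, the play continues without a usable key. A follow-up task such as `file: path=/etc/nginx/ssl/mail.fripost.org.key state=file owner=root group=root mode=0600` would fail when the key is missing and would pin its ownership and mode rather than leaving them to the script. A one-line comment above `failed_when` stating what exit code 1 means would also help the next reader.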
@@ -91,7 +104,12 @@
         dest=/etc/nginx/sites-enabled/roundcube
         owner=root group=root
         state=link force=yes
+  register: r3
   notify:
     - Restart Nginx
 
+- name: Start Nginx
+  service: name=nginx state=started
+  when: not (r1.changed or r2.changed or r3.changed)
+
 - meta: flush_handlers
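Review bot: The `when:` on "Start Nginx" has no comment saying why the task is skipped when `r1`, `r2` or `r3` changed, and the reason depends on the "Restart Nginx" handler, which is defined outside this diff. A comment such as `# Skipped when a change was registered: the notified "Restart Nginx" handler runs at flush_handlers below and brings the service up.` would make the intent clear. The expression must also be extended by hand whenever another task that notifies the handler is added. Since `state=started` is idempotent, dropping the condition looks safe, at the cost of a start followed by a restart on a fresh host. If the condition stays, descriptive register names (for example `nginx_cert` instead of `r1`) would read better than the numbered ones.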
-- 
cgit v1.2.3