{"id":5190,"sha1":"502083a0182bae0aed73ba052f75c6c51b63e7cb","playbook":{"id":3070,"items":{"plays":1,"tasks":3,"results":15,"hosts":5,"files":1,"records":0},"arguments":{"version":null,"verbosity":2,"private_key_file":"/home/ssh-gateway/.ssh/id_rsa","remote_user":"root","connection":"ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":false,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/ssh-gateway/ansible/zimbra/inv-stage"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":20,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["install_zimbra_certificate_stage_le.yaml"]},"labels":[{"id":1,"name":"remote_user:root"},{"id":2,"name":"check:False"},{"id":3,"name":"tags:all"}],"started":"2025-06-04T12:55:02.212172+01:00","ended":"2025-06-04T12:56:42.286583+01:00","duration":"00:01:40.074411","name":null,"ansible_version":"2.16.11","client_version":"1.7.2","python_version":"3.10.10","server_version":"1.7.2","status":"completed","path":"/home/ssh-gateway/ansible/zimbra/install_zimbra_certificate_stage_le.yaml","controller":"ssh-gw-4.layershift.com","user":"root"},"content":"---\n- name: Playbook to install \n  hosts: all\n  gather_facts: false\n  vars:\n    files:\n      - commercial_stage_le.key\n      - ssl_stage_le.crt\n      - chain_stage_le.crt\n  tasks:\n    - name: Cleanup first\n      ansible.builtin.shell: |\n        set -o pipefail\n        mv /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date +%s)\n        mkdir /opt/zimbra/ssl/zimbra\n        mkdir /opt/zimbra/ssl/zimbra/ca\n        mkdir /opt/zimbra/ssl/zimbra/commercial\n        mkdir /opt/zimbra/ssl/zimbra/server\n        chown zimbra:zimbra -R /opt/zimbra/ssl/\n        chmod 750 /opt/zimbra/ssl/zimbra\n        chmod 750 /opt/zimbra/ssl/zimbra/*\n        rm -f /opt/zimbra/ssl/zimbra/commercial/commercial.key\n        rm -f /tmp/commercial_stage_le.key /tmp/ssl_stage_le.crt /tmp/chain_stage_le.crt\n      args:\n        executable: /bin/bash\n      changed_when: false\n\n    - name: Upload files on host\n      ansible.builtin.copy:\n        src: \"{{ item }}\"\n        dest: /tmp/\n        force: true\n        mode: '0640'\n      loop: \"{{ files }}\"\n\n    - name: Install certificate on host\n      ansible.builtin.shell: |\n        set -o pipefail\n        chown zimbra.zimbra /tmp/commercial_stage_le.key /tmp/ssl_stage_le.crt /tmp/chain_stage_le.crt\n        su -l zimbra -c \"cp -prf /tmp/commercial_stage_le.key /opt/zimbra/ssl/zimbra/commercial/commercial.key\"\n        su -l zimbra -c \"zmcertmgr verifycrt comm /tmp/commercial_stage_le.key /tmp/ssl_stage_le.crt /tmp/chain_stage_le.crt\"\n        su -l zimbra -c \"zmcertmgr deploycrt comm /tmp/ssl_stage_le.crt /tmp/chain_stage_le.crt\"\n        su -l zimbra -c \"zmlocalconfig -e ldap_starttls_required=true\"\n        su -l zimbra -c \"zmlocalconfig -e ldap_starttls_supported=1\"\n        su -l zimbra -c \"zmcontrol restart\"\n        su -l zimbra -c \"zmcertmgr viewdeployedcrt\"\n      args:\n        executable: /bin/bash\n      changed_when: false\n","created":"2025-06-04T12:55:02.231251+01:00","updated":"2025-06-04T12:55:02.231299+01:00","path":"/home/ssh-gateway/ansible/zimbra/install_zimbra_certificate_stage_le.yaml"}