Playbook #702
/home/ssh-gateway/ansible/zimbra/install_zimbra_certificate.yaml
Execution
Date 11 Jun 2024 15:21:20 +0100
Duration 00:02:48.40
Controller ssh-gw-4.layershift.com
User root
Versions
Ansible 2.16.4
ara 1.7.1 / 1.7.1
Python 3.10.10
Summary
5 Hosts
2 Tasks
10 Results
1 Plays
1 Files
0 Records
remote_user:root check:False tags:all subset:new

File: /home/ssh-gateway/ansible/zimbra/install_zimbra_certificate.yaml

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
---
- name: Playbook to install zimbra wildcard certificate on cluster
  hosts: all
  gather_facts: false
  vars:
    files:
      - commercial.key
      - ssl.crt
      - chain.crt
  tasks:
    - name: Upload files on host
      ansible.builtin.copy:
        src: "{{ item }}"
        dest: /tmp/
        force: true
        mode: '0640'
      loop: "{{ files }}"
    - name: Install certificate on host
      ansible.builtin.shell: |
        set -o pipefail
        chown zimbra.zimbra /tmp/commercial.key /tmp/ssl.crt /tmp/chain.crt
        su -l zimbra -c "cp -prf /tmp/commercial.key /opt/zimbra/ssl/zimbra/commercial/commercial.key"
        su -l zimbra -c "zmcertmgr verifycrt comm /tmp/commercial.key /tmp/ssl.crt /tmp/chain.crt"
        su -l zimbra -c "zmcertmgr deploycrt comm /tmp/ssl.crt /tmp/chain.crt"
        su -l zimbra -c "zmlocalconfig -e ldap_starttls_required=true"
        su -l zimbra -c "zmlocalconfig -e ldap_starttls_supported=1"
        su -l zimbra -c "zmcontrol restart"
        su -l zimbra -c "zmcertmgr viewdeployedcrt"
      args:
        executable: /bin/bash
      changed_when: false