Ansible recipe for creating server self-signed certs
---
- name: Create Server Certificate
  hosts: localhost
  gather_facts: false
  vars:
    certificate_path: "certs"
    # Placeholder value: override it at run time (for example from Ansible Vault).
    private_pass: "change me"
  tasks:
    - name: Create Directory.
      file:
        path: "{{ certificate_path }}"
        state: directory
        mode: "0700"  # the directory holds private key material

    - name: Generate an OpenSSL private key.
      openssl_privatekey:
        path: "{{ certificate_path }}/server.key"
        passphrase: "{{ private_pass }}"
        cipher: auto
        size: 4096

    - name: Generate an OpenSSL certificate signing request.
      openssl_csr:
        path: "{{ certificate_path }}/server.csr"
        privatekey_passphrase: "{{ private_pass }}"
        privatekey_path: "{{ certificate_path }}/server.key"
        common_name: "example.local"
        key_usage:
          - digitalSignature
          - keyEncipherment
        extended_key_usage:
          - clientAuth
          - serverAuth

    - name: Generate a self signed OpenSSL certificate.
      openssl_certificate:
        path: "{{ certificate_path }}/server.crt"
        privatekey_passphrase: "{{ private_pass }}"
        privatekey_path: "{{ certificate_path }}/server.key"
        csr_path: "{{ certificate_path }}/server.csr"
        provider: selfsigned
        selfsigned_not_after: "+3650d"
        # ownca_not_after is only used by the ownca provider; it has no effect here.
        ownca_not_after: "+3650d"

    # This step rewrites server.key in place WITHOUT the passphrase, so the key
    # that ends up in awx.pem is unencrypted. The passphrase is passed through the
    # environment (env:) instead of pass: so it does not appear in the process
    # list, and argv avoids shell word-splitting on a passphrase containing spaces.
    - name: Writing RSA key pass to private key.
      command:
        argv:
          - openssl
          - rsa
          - "-in"
          - "{{ certificate_path }}/server.key"
          - "-out"
          - "{{ certificate_path }}/server.key"
          - "-passin"
          - "env:PRIVATE_PASS"
      environment:
        PRIVATE_PASS: "{{ private_pass }}"

    - name: Create certificate file for AWX.
      copy:
        content: "{{ lookup('file', certificate_path + '/server.key') + '\n' + lookup('file', certificate_path + '/server.crt') }}"
        dest: "{{ certificate_path }}/awx.pem"
        mode: "0600"  # contains the unencrypted private key

# source: https://sky-joker.tech/2019/12/01/awx%E3%81%AEwebhook%E6%A9%9F%E8%83%BD%E3%82%92%E4%BD%BF%E3%81%A3%E3%81%A6github%E3%81%A8%E9%80%A3%E6%90%BA%E3%81%97%E3%81%A6%E3%81%BF%E3%81%9F/