add copy cert and keys

2026-01-24 13:45:22 -07:00
parent 81fd693e4c
commit 0a4373bb58
1 changed files with 18 additions and 0 deletions
--- a/ansible/roles/openldap_server/tasks/tls.yaml
+++ b/ansible/roles/openldap_server/tasks/tls.yaml
@@ -1,3 +1,21 @@
+- name: Copy TLS cert into place
+  copy:
+    src: "/root/.lego/certificates/{{ inventory_hostname | default(cert_domain) }}.crt"
+    dest: /etc/openldap/certs/ldap.crt
+    owner: ldap
+    group: ldap
+    mode: 0600
+    remote_src: true
+
+- name: Copy cert private key into place
+  copy:
+    src: "/root/.lego/certificates/{{ inventory_hostname | default(cert_domain) }}.key"
+    dest: /etc/openldap/certs/ldap.key
+    owner: ldap
+    group: ldap
+    mode: 0600
+    remote_src: true
+
 - name: Configure TLS cert
  community.general.ldap_attrs:
    dn: cn=config