📗 Ansible playbooks and roles for building an idempotent, interconnected and scalable infrastructure
ansible-playbooks/roles/certs/tasks/validate.yml


# Abort unless `cert` is a mapping whose `key` and `cert` entries are both
# strings. Only the types are checked here; the contents of the key and
# certificate values are not inspected by this task.
- name: validate mandatory parameters
  when: >-
    not ((cert is defined) and (cert is mapping) and
    (cert.key is string) and (cert.cert is string))
  fail:
    msg: 'some mandatory parameters in cert variable are missing or invalid'
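# Type-check every optional key of `cert` that is present; keys that are
# absent are accepted. Only types are validated, never contents.
# NOTE(review): `post_hook`, `owner` and `group` are accepted as arbitrary
# strings. How they are consumed is not visible in this file; if `post_hook`
# is later executed as a command, `cert` must only ever come from trusted
# inventory - confirm against the tasks that use it.
- name: validate optional parameters
  fail:
    msg: some optional parameters in cert variable are missing or invalid
  # `hosts` is compared via type_debug, presumably because Jinja2's
  # `sequence` test would also accept a plain string.
  when: >-
    ((cert.ca is defined) and (cert.ca is not string)) or
    ((cert.id is defined) and (cert.id is not string)) or
    ((cert.ecc is defined) and (cert.ecc is not boolean)) or
    ((cert.fqdn is defined) and (cert.fqdn is not string)) or
    ((cert.tld is defined) and (cert.tld is not string)) or
    ((cert.hostname is defined) and (cert.hostname is not string)) or
    ((cert.hosts is defined) and (cert.hosts | type_debug != 'list')) or
    ((cert.stapling is defined) and (cert.stapling is not boolean)) or
    ((cert.post_hook is defined) and (cert.post_hook is not string)) or
    ((cert.notify is defined) and (cert.notify is not string)) or
    ((cert.owner is defined) and (cert.owner is not string)) or
    ((cert.group is defined) and (cert.group is not string))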
# Reject ambiguous naming of the certificate subject:
#   - `hosts` may not be combined with `fqdn`, `tld` or `hostname`
#   - `fqdn` may not be combined with `tld` or `hostname`
- name: validate parameter combinations
  when: >-
    ((cert.hosts is defined) and
    ((cert.fqdn is defined) or (cert.tld is defined) or
    (cert.hostname is defined))) or
    ((cert.fqdn is defined) and
    ((cert.tld is defined) or (cert.hostname is defined)))
  fail:
    msg: 'parameters are defined in an invalid combination'
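# Apply the per-entry checks to each element of `cert.hosts`: `fqdn`, `tld`
# and `hostname` must be strings when present, and `fqdn` may not be
# combined with `tld` or `hostname`.
# NOTE(review): an entry that is not a mapping (e.g. a bare string) appears
# to pass, since none of its keys would be defined, as does an entry with
# none of the three keys - consider adding `host is not mapping` if the
# consumers require mappings.
- name: validate hosts
  fail:
    msg: host parameters are invalid or are defined in an invalid combination
  when: >-
    ((host.fqdn is defined) and (host.fqdn is not string)) or
    ((host.tld is defined) and (host.tld is not string)) or
    ((host.hostname is defined) and (host.hostname is not string)) or
    ((host.fqdn is defined) and (host.tld is defined)) or
    ((host.fqdn is defined) and (host.hostname is defined))
  # `hosts` is optional, so fall back to an empty list. The loop expression
  # is templated before `when` is evaluated, and an undefined `cert.hosts`
  # would otherwise abort with a templating error instead of skipping.
  loop: "{{ cert.hosts | default([]) }}"
  loop_control:
    loop_var: host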