ansible-hashistack/roles/consul/tasks/setup_client_cert.yml

---
- name: generate the client dc cert
  ansible.builtin.command:
    cmd: consul tls cert create -client -dc {{ consul_dc_name }} -ca /etc/consul/consul-agent-ca.pem
  args:
    chdir: /etc/consul
    creates: "/etc/consul/{{consul_dc_name}}-client-consul-0.pem"
  become: true

- name: set permissions on generated files
  ansible.builtin.file:
    path: "{{ item }}"
    mode: 0640
    owner: consul
    group: consul
  become: true
  loop:
    - "/etc/consul/{{ consul_dc_name }}-client-consul-0.pem"
    - "/etc/consul/{{ consul_dc_name }}-client-consul-0-key.pem"
first commit 2023-09-11 18:31:03 +02:00			`---`
			`- name: generate the client dc cert`
			`ansible.builtin.command:`
			`cmd: consul tls cert create -client -dc {{ consul_dc_name }} -ca /etc/consul/consul-agent-ca.pem`
			`args:`
			`chdir: /etc/consul`
			`creates: "/etc/consul/{{consul_dc_name}}-client-consul-0.pem"`
			`become: true`

			`- name: set permissions on generated files`
			`ansible.builtin.file:`
			`path: "{{ item }}"`
			`mode: 0640`
			`owner: consul`
			`group: consul`
			`become: true`
			`loop:`
			`- "/etc/consul/{{ consul_dc_name }}-client-consul-0.pem"`
			`- "/etc/consul/{{ consul_dc_name }}-client-consul-0-key.pem"`