Optional tld

blallo · blallo · commit 0bcb4b89b6f1 · 2021-01-24T18:37:15.000+01:00
When updating /etc/hosts to add the hosts in the inventory, also add the name
postfixed with a configurable tld.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -50,3 +50,4 @@ gen_tls_server_enable_san: true
 # POPULATE /etc/hosts
 # -------------------
 gen_tls_populate_etc_hosts: false
+# gen_tls_tld:
diff --git a/inventory.yml b/inventory.yml
@@ -17,3 +17,4 @@ all:
     gen_tls_ca_organization: Example Inc.
     gen_tls_ca_organizationalunit: SysAdmins
     gen_tls_populate_etc_hosts: yes
+    gen_tls_tld: example
diff --git a/tasks/generate-server-cert.yaml b/tasks/generate-server-cert.yaml
@@ -58,7 +58,7 @@
     path: "{{ gen_tls_cert_dir }}/{{ inventory_hostname_short }}.csr"
     privatekey_path: "{{ gen_tls_cert_dir }}/{{ inventory_hostname_short }}.key"
     common_name: "{{inventory_hostname_short}}"
-    subject_alt_name: "DNS:{{inventory_hostname}},DNS:{{inventory_hostname_short}},IP:{{(alt_interface_ip is defined) | ternary(alt_interface_ip, ansible_default_ipv4.address)}},IP:0.0.0.0,IP:127.0.0.1"
+    subject_alt_name: "{% if gen_tls_tld is defined %}DNS:{{ inventory_hostname_short }}.{{ gen_tls_tld }},{% endif %}DNS:{{inventory_hostname}},DNS:{{inventory_hostname_short}},IP:{{(alt_interface_ip is defined) | ternary(alt_interface_ip, ansible_default_ipv4.address)}},IP:0.0.0.0,IP:127.0.0.1"
   when:
     - not server_csr.stat.exists
     - gen_tls_generate_server_cert
diff --git a/tasks/populate-etc-hosts.yaml b/tasks/populate-etc-hosts.yaml
@@ -4,7 +4,7 @@
   lineinfile:
     dest: /etc/hosts
     regexp: '.*{{ item }}$'
-    line: "{{ hostvars[item].ansible_host }} {{item}}"
+    line: "{{ hostvars[item].ansible_host }} {{item}}{% if gen_tls_tld is defined %} {{ item }}.{{ gen_tls_tld }}{% endif %}"
     state: present
   when: hostvars[item].ansible_host is defined
   loop: "{{ groups.all }}"
