---

cert_ca_name: "tixel-test-ca.pem"
cert_ca_key_name: "tixel-test-ca-key.pem"
cert_path: "/opt/tixel/config"
cert_path_v3: "/opt/tixstream-fx/config"
local_sign_dir: "/tmp/ansible-cert-sign/{{ansible_hostname}}"
cert_config_path: "{{local_sign_dir}}/openssl.cnf"
cert_ca_key_path: "{{ configs.deployment_dir }}/{{ cert_ca_key_name }}"
cert_ca_cert_path:
  local: "{{ configs.deployment_dir }}/{{ cert_ca_name }}"
  remote: "{{cert_path}}/trusted.pem"
  remote_v3: "{{cert_path_v3}}/trusted.pem"
cert_inter_key_path: "{{local_sign_dir}}/inter-key.pem"
cert_inter_csr_path: "{{local_sign_dir}}/inter.csr"
cert_inter_cert_path: "{{local_sign_dir}}/inter-crt.pem"
cert_truststore_path:
  local: "{{local_sign_dir}}/trusted.p12"
  remote: "{{cert_path}}/trusted.p12"
  remote_v3: "{{cert_path_v3}}/trusted.p12"

cert_key_path:
  local: "{{local_sign_dir}}/{{ansible_hostname}}-key.pem"
  remote: "{{cert_path}}/host-key.pem"
  remote_v3: "{{cert_path_v3}}/host-key.pem"

cert_csr_path: "{{local_sign_dir}}/{{ansible_hostname}}.csr"
cert_single_cert_path: "{{local_sign_dir}}/{{ansible_hostname}}-single-crt.pem"
cert_cert_path:
  local: "{{local_sign_dir}}/{{ansible_hostname}}-crt.pem"
  remote: "{{cert_path}}/host-crt.pem"
  remote_v3: "{{cert_path_v3}}/host-crt.pem"

cert_pcks12_cert_path:
  local: "{{local_sign_dir}}/{{ansible_hostname}}.p12"
  remote: "{{cert_path}}/host.p12"
  remote_v3: "{{cert_path_v3}}/host.p12"

cert_owner: "tixstream"
cert_group: "tixstream"
cert_pkcs12_pass: "changeit"

cert_key_size: "2048"
cert_days_valid: "365"
cert_country: "DE"
cert_state: "Niedersachsen"
cert_locality: "Hannover"
cert_organization: "Tixel"
cert_ca_fields: "/C={{cert_country}}/ST={{cert_state}}/L={{cert_locality}}/O={{cert_organization}}/OU=main/CN=ansible-root-ca"
cert_inter_fields: "/C={{cert_country}}/ST={{cert_state}}/L={{cert_locality}}/O={{cert_organization}}/OU=sub/CN=ansible-inter-ca"

# vim:ft=ansible